1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Best WP plugin against attacks?

Discussion in 'BlackHat Lounge' started by madinsweden, Mar 7, 2014.

  1. madinsweden

    madinsweden Newbie

    Joined:
    Nov 21, 2013
    Messages:
    24
    Likes Received:
    6
    One of my WP sites got attackt this last couple of days. So i wonder whats the best plugin to use against these attacks? I dont really know what kind of attack it was, but it destroyed my site, and i couldnt even log in to wordpress from it.
     
  2. Conor

    Conor Jr. VIP Jr. VIP

    Joined:
    Nov 7, 2012
    Messages:
    3,362
    Likes Received:
    5,424
    Gender:
    Male
    Location:
    South Africa
    Home Page:
    There's nothing that will totally prevent it. You could install something like this:
    https://wordpress.org/plugins/better-wp-security/

    But if I were you, I'd backup my posts, and do a brand new install of WP, and then install the plugin afterwards.
     
    • Thanks Thanks x 1
  3. Apricot

    Apricot Administrator Staff Member Moderator

    Joined:
    Mar 26, 2013
    Messages:
    11,967
    Likes Received:
    6,451
    Gender:
    Female
    Occupation:
    BHW Moderator
    Location:
    London
    Home Page:
    Depends what kind of attack it was, I was going to suggest Cloudfare, but I can't see a DDOS destroying that much. Maybe sign up anyway, if it doesn't work, maybe they found some sort of exploit.

    In which case, depending on how valuable your data is, it may be worth hiring a security expert of some sort (some are on the forum) to do some penetration testing or something and help secure your site a bit more. May be something small, could be a complicated thing.

    Or if you don't care, you could just hope they don't come back!
     
  4. sashablack

    sashablack Elite Member

    Joined:
    Jan 8, 2010
    Messages:
    3,697
    Likes Received:
    2,050
    Gender:
    Male
    Agreed with above, also contact your hosting provider and tell them to dig around and see exactly what happened. Maybe you have a plugin that let someone in and messed around with your database or access to wordpress. Also take a look at your ftp accounts make sure that you have password set even on anonymous login :) Hope that helps!