
How to STOP HACKERS in Wordpress...

Discussion in 'White Hat SEO' started by barbara83, Sep 26, 2015.

  1. barbara83

    barbara83 Jr. VIP Jr. VIP

    Joined:
    Mar 14, 2015
    Messages:
    939
    Likes Received:
    551
    So recently I've noticed from the 'Limited Login Attempts' plugin in my wordpress site that MANY HACKERS are trying to mess with my site. So I've been experimenting a bit lately with some WordPress plugins for blocking visitors to my site. I want to share my findings here, so that everyone can benefit from it. I have played with a few plugins to achieve this, and the one I like the best is iQ Block Country by Pascal.

    How to Stop Hackers from Accessing Your Admin Login Area

    Step 1

    Download a plugin called - iQ Block Country. The best thing about this is, it's all FREE. This free plugin will help you to block visitors from countries that you've chosen to block from your site.
    [Screenshot: iQ Block Country.png]

    Step 2

    You may get an error message appearing. I don't know if other sites will be affected by this too, but I did, so I'll share what I did to solve the error message problem.

    [Screenshot: Error Message.png]

    First, you can pretty much ignore the first line, that talks about an API key. I looked at that, and the API key costs 25 Euros right now, and I think that is per site. While that might be a good thing to have, it basically allows the list of IP addresses to be updated for you automatically rather than manually. I did not follow this route, as I want to do it manually (instructions below).


    To do a manual update, you click on the link in the second paragraph, http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz and save the resulting file on your computer. Then do the same for the other link, http://geolite.maxmind.com/download/geoip/database/GeoIPv6.dat.gz

    Next, use whatever software you have on your computer for unzipping, and unzip the two files. Depending on your settings, you will either have two files called GeoIP.dat and GeoIPv6.dat, or two folders with those names, with the files inside them.

    The next thing is to use either ftp software (e.g. Filezilla) or the File Manager in your site's cPanel, to upload the two .dat files to your hosting.

    NOT the folders, but the files. They both need to go into /wp-content/uploads.

    Once that is done, go back to your WordPress admin and refresh the screen, and the iQ Block Country error message should have gone away.

    Step 3

    Once you have the plugin installed and activated, in your admin menu, hover over the Settings entry and then click on iQ Block Country.

    [Screenshot: iq block country 2.png]

    Step 4

    There are two types of blocks - front end and back end. The front end of your site is what you want visitors to see. This is all your content, your pages, your blog posts, your products - all the good bits that you want made publicly visible.

    If you are only targeting certain countries, or if you are getting swamped by comment spammers that you would rather keep out, you might decide to block countries on the front end. But what you should be doing is blocking countries on the backend, so that your admin area is super protected.

    The backend is your administration area (admin). You do NOT want anyone but you or your team to be able to access this. This is where the hackers really want to get to, so they can take over your site.

    You will find a number of tabs across the top of the page. On the first one, Home, you can leave the default settings. Leave the frontend. Click on the third tab, Backend.

    [Screenshot: iq block 3.png]

    Once you click on that, you will see the options for the backend. You will need to tick the "Block visitors..." box (see picture below), but it is very important that you also remove your own country from the list BEFORE you click Save Changes at the bottom of that page. Otherwise you will find yourself locked out of your own site.

    You should also remove the country of anyone else that needs to get access to your admin area, if they are not in the same country as you.


    [Screenshot: iq block 4.jpg]

    The Result

    Just about 7 hours after installing this on my site, the plugin had already blocked 14 attempts to reach my admin login page (I don't have front end blocking turned on, only back end).

    [Screenshot: results.png]

    (And no, I don't give a shit about posting their IP and their privacy. Why should I when they're trying to mess with me :) )

    Since I am not in the USA or Canada, I've listed both countries in the countries to be blocked. So readers in the USA who would not want to block USA access would not benefit from that, but hey, it is better than allowing everyone in! Most of the IPs listed on my 'Limited Login Attempt' plugin show that most of the hackers are from Ukraine, Israel, Brazil and Russia. So I'm quite shocked that the first 14 attempts are from the US and Canada. Lol. Or maybe the hackers use proxies now that they know I'm using this plugin (I don't know, just a guess)? What I did is to block ALL COUNTRIES except for my own country.

    Anyway, I'm not going to bore you with how much I love this thing and how effective it is. Just try it.

    That's It!

    I hope that making this change to your site will allow you to cope better with the influx of hack attempts, by simply blocking their whole country from getting access to your site.
     
    Last edited: Sep 26, 2015
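    As an added example (not from this thread or from the iQ Block Country plugin itself), here is the backend-only rule the post configures, modelled in Python with a constructed country table standing in for the MaxMind GeoIP.dat file, plus the "is my own country still allowed?" check the post says to do before clicking Save Changes. All addresses and country assignments below are made up for the demo.

```python
import ipaddress
from typing import Iterable, List, Optional, Set, Tuple

# Constructed country lookup standing in for the MaxMind GeoIP.dat file the post
# uploads to /wp-content/uploads; these prefixes are placeholders, not real data.
GEO_TABLE = {
    "203.0.113.0/24": "US",
    "198.51.100.0/24": "CA",
    "192.0.2.0/24": "NL",
}
BACKEND_PATHS = ("/wp-login.php", "/wp-admin")

def country_for(ip: str) -> Optional[str]:
    """Map a client address to a country code, or None if the table cannot place it."""
    addr = ipaddress.ip_address(ip)
    for cidr, cc in GEO_TABLE.items():
        if addr in ipaddress.ip_network(cidr):
            return cc
    return None

def is_backend(path: str) -> bool:
    """Only the login page and dashboard are protected; the front end stays open,
    matching the post's backend-only setup."""
    return any(path == p or path.startswith(p + "/") for p in BACKEND_PATHS)

def backend_allowed(ip: str, blocked: Set[str], path: str) -> bool:
    """Decide one request. In this demo an address the table cannot place
    fails closed for the admin area rather than slipping through as 'unknown'."""
    if not is_backend(path):
        return True
    cc = country_for(ip)
    return cc is not None and cc not in blocked

def would_lock_out(admin_ip: str, blocked: Set[str]) -> bool:
    """The pre-save check the post asks for: a block list that contains your own
    country (or cannot place your IP) locks you out of wp-login.php."""
    return not backend_allowed(admin_ip, blocked, "/wp-login.php")

def blocked_attempts(log: Iterable[Tuple[str, str]], blocked: Set[str]) -> List[Tuple[str, str]]:
    """Replay (ip, path) pairs and return those the backend rule would reject."""
    return [(ip, p) for ip, p in log if not backend_allowed(ip, blocked, p)]

# Constructed access-log sample using documentation addresses, not real attackers.
SAMPLE_LOG = [
    ("203.0.113.5", "/wp-login.php"),       # US -> blocked
    ("198.51.100.7", "/wp-admin/"),         # CA -> blocked
    ("203.0.113.9", "/blog/hello-world/"),  # US but front end -> allowed
    ("192.0.2.10", "/wp-login.php"),        # NL (site owner's country) -> allowed
    ("10.0.0.1", "/wp-login.php"),          # not in the table -> fail closed
]
```

    The rule only ever sees the address that connected, so a client coming through a proxy or VPN in an allowed country passes it; country blocking cuts down the noise, it does not replace strong credentials and login rate limiting.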
  2. nickvk

    nickvk BANNED BANNED

    Joined:
    Mar 17, 2015
    Messages:
    444
    Likes Received:
    125
    I don't care much, I keep my username very very very unrelated to my site's name, so no one could come near to that. And my password is a mystery.
     
  3. barbara83

    barbara83 Jr. VIP Jr. VIP

    Joined:
    Mar 14, 2015
    Messages:
    939
    Likes Received:
    551
    I did this too, but there's nothing wrong with being extra careful and adding a layer of security to your site, yes?

     
  4. nickvk

    nickvk BANNED BANNED

    Joined:
    Mar 17, 2015
    Messages:
    444
    Likes Received:
    125

    I can't say much, I have Wordfence and it does everything. It is the free version, simple installation required, plus my above-mentioned method.
     
  5. j0hnd03

    j0hnd03 Newbie

    Joined:
    Sep 24, 2015
    Messages:
    10
    Likes Received:
    0
    Hide your username by deleting the code lines where your username is printed. This will solve your problem.
     
  6. KunkkaSword

    KunkkaSword Newbie

    Joined:
    Apr 10, 2013
    Messages:
    41
    Likes Received:
    10
    Location:
    United States
    Wordfence works well for me. Using the paid version as well.
     
  7. Soggy

    Soggy Regular Member

    Joined:
    Jun 4, 2015
    Messages:
    385
    Likes Received:
    135
    Have you tried wordfence paid (phone code required to log in) as well?
     
  8. lord1027

    lord1027 Elite Member

    Joined:
    Sep 20, 2013
    Messages:
    3,177
    Likes Received:
    2,238
  9. barbara83

    barbara83 Jr. VIP Jr. VIP

    Joined:
    Mar 14, 2015
    Messages:
    939
    Likes Received:
    551
  10. barbara83

    barbara83 Jr. VIP Jr. VIP

    Joined:
    Mar 14, 2015
    Messages:
    939
    Likes Received:
    551
    Thanks! Will look into this!
     
  11. ibrahimbrtawi

    ibrahimbrtawi Registered Member

    Joined:
    Mar 1, 2015
    Messages:
    51
    Likes Received:
    9
    Location:
    127.0.0.1
    I don't think that these "hackers" are using their real IPs.
     
  12. ubsmax

    ubsmax Junior Member

    Joined:
    Dec 16, 2009
    Messages:
    121
    Likes Received:
    17
    Thanks for the detailed step by step, very useful for all. Actually there is a possibility of hacking in the backend area (admin) of WordPress, so we need to focus on that.
     
  13. steve43

    steve43 Registered Member

    Joined:
    Aug 2, 2015
    Messages:
    75
    Likes Received:
    15
  14. sunny_clicks

    sunny_clicks Regular Member

    Joined:
    Jul 25, 2010
    Messages:
    259
    Likes Received:
    24
    Gender:
    Male
    Occupation:
    PPC Account Manager Buckdat Media
    Location:
    The Web
  15. barbara83

    barbara83 Jr. VIP Jr. VIP

    Joined:
    Mar 14, 2015
    Messages:
    939
    Likes Received:
    551
    Thanks all for the tips!
     
  16. AliKashif7

    AliKashif7 Newbie

    Joined:
    Oct 13, 2014
    Messages:
    33
    Likes Received:
    64
    Gender:
    Male
    Location:
    Pakistan
    Thanks Will look into this.. :)
     
  17. zoom5

    zoom5 Newbie

    Joined:
    Apr 28, 2015
    Messages:
    40
    Likes Received:
    7
    You might also want to look into changing the URL for the login page of your WordPress installation. It's an added layer of protection.
     
  18. barbara83

    barbara83 Jr. VIP Jr. VIP

    Joined:
    Mar 14, 2015
    Messages:
    939
    Likes Received:
    551
    I did this with another site, they are still able to get to my admin page that was linked with a diff URL.
     
  19. sohom

    sohom Senior Member

    Joined:
    May 26, 2013
    Messages:
    990
    Likes Received:
    175
    Location:
    not in Past
  20. mohammadwasim011

    mohammadwasim011 Junior Member

    Joined:
    Sep 30, 2013
    Messages:
    100
    Likes Received:
    6
    How can I scan for malware and viruses?
    Because
    presently, Google search is showing the "This site may be hacked" message for my site.