1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Some one Trying to Hack My Site.! How to Protect.?

Discussion in 'Black Hat SEO' started by K.H.R, May 22, 2015.

  1. K.H.R

    K.H.R Jr. VIP Jr. VIP

    Joined:
    Dec 9, 2013
    Messages:
    3,154
    Likes Received:
    1,006
    Gender:
    Male
    Location:
    BHW
    Hello BHW,

    Someone Tried to Hack my WP Site, But my Site is not ready yet. I just installed a theme, no content or any thing there but its under Attack. My Domain name is Really Brandy, xxxxxshop.com. How can I protect this ? I hosted that on Godaddy Wordpress Hosting & I Deleted It Now.


    [​IMG]


    I just Setup Login Attempt 1 Time, If some one try only 1 time with wrong info, it will block him for 24 Hours.

    [​IMG]

    But I think this is not the Permanent Solution, This Hacker is Shit, Any Skilled Hacker can Break This.
     
  2. ibmethatswhoib

    ibmethatswhoib Jr. VIP Jr. VIP Premium Member

    Joined:
    Feb 17, 2011
    Messages:
    1,560
    Likes Received:
    1,164
    Occupation:
    Staying Informed
    Location:
    Bay Area, Ca
    Home Page:
  3. tophi

    tophi Regular Member

    Joined:
    Sep 7, 2012
    Messages:
    444
    Likes Received:
    86
    I get tons of this every hour, ignore :) Change your display username with the actual login username via sql, for example : in the website posted my User1 but when you go to /wp-admin you log in with username John, so guessing a username + password = mission fail :}
     
  4. helll0a

    helll0a Jr. VIP Jr. VIP

    Joined:
    May 12, 2014
    Messages:
    471
    Likes Received:
    136
    Occupation:
    (s) I wear a lot of hats.
    Location:
    Nowhere close to my dream
    LOL I get atleast 20000 hits a day combined on all my sites. Do not worry, just buy a paid plugin and ur good. This is the circle of life my friend.. if hackers dont do this.. how will we get our 'high pr' links ;)
     
  5. Man101

    Man101 Newbie

    Joined:
    Apr 1, 2015
    Messages:
    29
    Likes Received:
    5
    You can try Wordfence plugin, the free version is also good enough. Many times they are simple bots, not actual humans attempting to gatecrash. Also set your username to something exotic, most bots try names such as admin, root, etc.
     
  6. Nut-Nights

    Nut-Nights Jr. VIP Jr. VIP

    Joined:
    Jun 20, 2013
    Messages:
    5,039
    Likes Received:
    3,209
    Location:
    Hell
    Home Page:
    The only way is to hide your username, Make sure your site post author is different. Look like its noob hacker.
     
  7. Repulsor

    Repulsor Power Member

    Joined:
    Jun 11, 2013
    Messages:
    766
    Likes Received:
    275
    Location:
    PHP Scripting ;)
    In addition to adding a good login protection plugin, you should also remove *every* crappy outdated plugin you might have installed in your site. After trying to bruteforce the password, next try would be finding vulnerabilities for a shell upload or something.

    Also, disable anonymous ftp incase if you have it ON, in your hosting.
     
  8. goldentreasure

    goldentreasure Junior Member

    Joined:
    May 17, 2015
    Messages:
    110
    Likes Received:
    13
    Gender:
    Male
    Avoid Crack themes. Avoid user name as admin or administrator.
     
  9. upstarter

    upstarter Regular Member

    Joined:
    Apr 29, 2014
    Messages:
    333
    Likes Received:
    46
    Doesn't your host employ a 2-level authentication for your site?
     
  10. Content Mario

    Content Mario Junior Member

    Joined:
    Mar 24, 2015
    Messages:
    128
    Likes Received:
    24
    No worry about that. some how they wont access ur wp. so change the user name and pw every week. u have gave any rights to 2&3 level acesses.