WordPress botnet Attacks - How to secure your platform

Discussion in 'BlackHat Lounge' started by BigoS, Apr 14, 2013.

  1. BigoS

    BigoS Newbie

    May 8, 2011
    Likes Received:
    Hi guys,

    Many of us have heard about botnet attacks on the WordPress Platform. Currently, there is no 100% protection against attack. According to the following points you can minimize the likelihood of hacking your blog.

    1. Set the not dictionary and difficult password to guess for your ADMIN panel. You can use software to generate password eg. KeePass 2
    2. Restrict access to the admin panel using .htaccess file - First check your ISP IP then go to the wp-admin folder edit this file and put this:
    [COLOR=#000000][FONT=monospace]Order Deny,Allow[/FONT]
    [FONT=monospace]Deny from all[/FONT]
    [FONT=monospace]Allow from xx.xx.xx.xx[/FONT][/COLOR][COLOR=#646363][FONT=monospace]
    where xx.xx.xx.xx is your IP
    3. Use two-factor authentication - eg. install plugin called "Google Authenticator"

    Be safe, sorry for my English.
    • Thanks Thanks x 1