
Brute Force Attacks in WordPress | How I saved my website from Brute force Attacks

In this blog post, I am sharing my personal experience of brute force attacks and how they impacted my website.

Brute force attacks are common against the WordPress CMS, which has long been a prime target for attackers.

Today WordPress powers over 40% of the web, and has become quite popular with its technological advancements of plugins and solutions.

Cybercriminals frequently use brute force tactics to steal WordPress credentials.

In this scenario, cybercriminals could be:

  1. Script Kiddies
  2. Competitors

What is a Brute Force Attack?

Brute force is an attack type in which someone randomly tries to guess usernames and passwords, using automated systems or a manual approach.

Brute force attacks are targeted at WordPress due to factors such as:

  1. default login credentials (typically set when installing WordPress on a hosting server)
  2. weak passwords
  3. outdated WordPress plugins
  4. publicly accessible login pages (wp-login)

Brute force attacks typically involve hackers using automated tools to try all possible password combinations until one succeeds.

In recent times, I have been regularly facing brute force attacks, and I thought I would share the experience here, as it’s a cyber resource blog and you can learn from this simple case study how I mitigated the risk by implementing some security solutions.

Brute Force Attempts on CyberNomadTV

I am constantly receiving brute force attempts from the following countries:

  1. Netherlands
  2. United States
  3. Slovenia
  4. Taiwan
  5. Iran
  6. India
  7. Germany
  8. China
  9. Russia

WordPress Brute Force Case Study

I ran vulnerability assessments on cybernomadtv to analyze the threat landscape, and in recent times I noticed that brute force attacks were the most common and occurred frequently.

I am sharing a live report of brute force attack attempts which occurred from various countries.

As you can see in the image above, there were a total of 113 failed login attempts on my website.

These login attempts cover a 7-day time frame.

This information is obtained using the Limit Login Attempts WordPress security plugin. It’s a must-have security solution on every WordPress site.

I’m using their paid version, as I am receiving brute force attempts frequently.

You can go through the Limit Login Attempts WordPress solution here, including the plugin’s capabilities and its advantages.

Detailed Log of Brute Force Attempts

I’m also a Cyber Security Professional, and it’s my job to monitor incidents and find potential vulnerabilities in an organization and help them stay secure.

Here, as you can see, I have captured the full list of logs of brute force attempts which occurred on my blog.

The log information includes:

  1. IP Addresses
  2. Time Stamps
  3. Gateway
  4. Login
  5. Status
  6. Reason
  7. Attempts left
  8. Lockout Duration

These real-time security incidents give me real-time insight into what’s happening on my website, so I can fix potential vulnerabilities and make the website even more secure.

The attacker is randomly guessing potential usernames and passwords and trying to get access.
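
The following added Python example, which is not from the original post or the plugin, tallies a log carrying the fields listed above by source IP and by targeted username. The CSV layout, field values and thresholds are assumptions, and the IPs are documentation addresses.

```python
import csv
import io
from collections import defaultdict

# Constructed sample log. The columns follow the fields listed above; the CSV
# layout and values are assumptions, not the plugin's actual export format.
SAMPLE_LOG = """ip,timestamp,gateway,login,status,reason,attempts_left,lockout_minutes
192.0.2.10,2024-05-01T10:00:05,wp_login,admin,failed,bad_password,2,0
192.0.2.10,2024-05-01T10:00:09,wp_login,administrator,failed,bad_username,1,0
192.0.2.10,2024-05-01T10:00:14,wp_login,root,locked,too_many_attempts,0,20
198.51.100.7,2024-05-01T11:30:00,xmlrpc,admin,failed,bad_password,2,0
203.0.113.44,2024-05-01T12:15:41,wp_login,admin,failed,bad_password,2,0
203.0.113.90,2024-05-02T08:02:13,wp_login,editor,failed,bad_password,2,0
"""

def summarize(log_text, ip_threshold=3, login_threshold=3):
    """Aggregate failed-login rows by source IP and by targeted username."""
    per_ip = defaultdict(lambda: {"attempts": 0, "logins": set(), "locked": False})
    per_login = defaultdict(set)  # username -> distinct source IPs
    for row in csv.DictReader(io.StringIO(log_text)):
        if row["status"] not in ("failed", "locked"):
            continue  # ignore successful logins
        entry = per_ip[row["ip"]]
        entry["attempts"] += 1
        entry["logins"].add(row["login"])
        entry["locked"] = entry["locked"] or int(row["lockout_minutes"]) > 0
        per_login[row["login"]].add(row["ip"])
    # One IP with many failures, or one that already hit a lockout.
    noisy_ips = sorted(ip for ip, e in per_ip.items()
                       if e["attempts"] >= ip_threshold or e["locked"])
    # One username hit from many IPs: a distributed attempt that stays
    # under the per-IP limit, so per-IP lockouts alone never trigger.
    targeted_logins = sorted(name for name, ips in per_login.items()
                             if len(ips) >= login_threshold)
    return {"total_failed": sum(e["attempts"] for e in per_ip.values()),
            "noisy_ips": noisy_ips, "targeted_logins": targeted_logins}

if __name__ == "__main__":
    for key, value in summarize(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

A username that shows up under `targeted_logins` is a good candidate for renaming or for a stronger password, since per-IP lockouts do not slow a guess spread across many addresses.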

The suspicious IPs are from different countries, to name a few:

  1. USA
  2. China
  3. India
  4. Russia
  5. Europe

By showcasing this real-time log data, I wanted to show the importance of having a security solution implemented on your WordPress site.

As your website grows, this concern becomes more troublesome, and the impact of a brute force attack is much higher.

To solve this problem you can do 2 basic things on your WordPress site:

  1. Use a complex, long password that includes upper case, lower case, and special characters.
  2. Implement the Limit Login Attempts WordPress security plugin. I’d suggest the lifetime premium version, which can save you time and energy in tackling brute force on WordPress.

If you found this post useful, don’t forget to share this blog post with potential learners. I’ll update further to showcase more such real-time attacks and incidents here.

In the meantime, check out this useful cyber security content:

  1. CIA Triad
  2. Cyber Kill chain
