Wordfence Security for WordPress Has Opened My Eyes
There’s a lot of noise about Web security these days and one has to wonder how much of it is inflated to sell software and services and how much of it is real. With the release of Glenn Greenwald’s book this month, No Place To Hide, about Edward J. Snowden and national security, the speculation is to be raised even more.
Months ago we wouldn’t have believed how much goes on in trying to attack a website. That was until we began religiously employing the WordPress plugin WORDFENCE to every site we manage.
That has been an eye-opening experience. Even websites for smaller local clients constantly are bombarded by IP addresses, most often in other countries, trying to break into their Admin login and damage the site.
Alerts constantly come in from Wordfence because a bot in Europe has been targeted against a client, this site or DaddyClaxton.com. How it would strategically benefit a group in Europe, Russia, China, North Korea, Iran, the Netherlands, or wherever to gain access to these sites is unimagineable, but regardless, the battle goes on nearly 365/7 and it is constant.
We write this in hopes of two things. 1) Raising your awareness that if you’re running a WordPress site and not using Wordfence, you probably should be just so you’re aware of how hard others are trying to get into your site. 2) You’d better have some fairly strong passwords, and you might want to delete the ADMIN login all together and use another person or name as such. It appears most of the bot attacks our clients, and we get, are preprogrammed to use Admin as the user name and if it isn’t even in your WordPress system, you’re already miles ahead of them.
Wordfence can be configured so that you get an email every time someone is locked out from trying to hack into your site. Or, you can choose not to be notified. It also can be set up to send someone a notification for every time someone with admin capabilities accesses your site, just in case someone nefarious actually does get in, you’ll know it immediately.
It’s a shame this is what has become of the Internet, but it’s also a fact of life, it’s not going to go away. Wordfence. You need it. And if bots are hammering away so hard at minor WordPress sites, think of how many are programmed to get into your Facebook, Twitter and other accounts once they know your email address….