Nov 072011
 

Here’s another reason to change your WordPress default login name from admin to something only you know: my logs show that my site keeps getting constant admin login attempts from IP Address 188.143.233.182 in St. Petersburg, Russia and it’s apparently coming from various browsers. (Distributed dictionary attack coming from various computers behind a firewall perhaps?) Anybody else having issues with illegal activity from this IP?

This is not the only address that keeps trying to login as admin, but it is the one that does it repeatedly, every day. Most likely just a script of a criminal trying to penetrate many unprotected WordPress sites by running dictionary attacks.

Beware and harden security of your WordPress site before it’s too late. Some of the security measures I do to protect a WordPress site can be found in the security enhancements section of my WordPress Installation Checklist post on this site.

Here’s a few more good articles about improving your wordpress security:

http://www.codeforest.net/10-wordpress-security-tips-that-could-save-your-site

http://www.lostintechnology.com/miscellaneous/5-important-security-tips-to-protect-your-wordpress-site-from-hackers/#.Tr1eZ0P7i14

EDIT November 24, 2011 – the admin login attempts from this IP address have stopped. Meanwhile I installed the “Limit Login Attempts” plugin described in the links above for extra protection.

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

(required)

(required)