WordPress Security

Published: 01/26/2015

Here at Business Promotion, we use the WordPress content management system to power your site. WordPress is the most popular content management system out there - it is currently estimated that more than one in five websites relies on WordPress.

Unfortunately, the popularity of WordPress makes it an inviting target for hackers. There is a botnet (group of hacked computers that take commands from hackers) that seeks out WordPress sites and tries to hack in by a brute force attack (trying a whole bunch of different usernames and passwords). Some estimates put the size of the botnet at over 90,000 compromised computers.

Fortunately, here at Business Promotion, we are taking active steps to prevent your website from being compromised by keeping your site up to date with the latest, most secure version of WordPress and tracking login attempts with our own custom software so we can ban botnet IP addresses. We have already banned over 70,000 IP addresses illegitimately attempting to log into WordPress on our servers.

Our latest step for protecting your website is IP address whitelisting. If someone attempts to log in from an unrecognized IP address, they are asked to enter the email address associated with the WordPress account. If they enter the correct email address, an email is sent to confirm that the IP should be authorized. IP address whitelisting prevents the botnet from successfully logging in even if it managed to guess the username and password.

If you attempt to log in from an unauthorized IP address and you do not receive the confirmation email, please call our customer support team at 1-866-664-5216, and they can add your IP address to the whitelist manually.

Author: Eric Stone
Position: Senior Web Developer
Eric Stone has been working in website development since 1999, and has been with Business Promotion since 2009.

comments powered by Disqus