WordPress Security Employee Email Attack
We like using WordPress to build website and blogs, and we always add some kind of Web Access Firewall to keep it semi-safe. We review the access logs in the Web Access Firewall login attempts to block bad IP‘s. We noticed some of the attempts were old & current employee email addresses and names. Some of the passwords the attackers used were passwords we have seen previous employees used.
This is a good reason to enforce strong password policies. There are a ton of plugins to achieve this, and a bunch of them are free. We realized these attackers had some information regarding our company. It was great to see these login attempts thwarted by simple plugin. This is why it is so important to install something to help. We used RSFirewall for WordPress on the site where we discovered these login attempts. It was a reminder to us, and we want to keep you aware.
Let us know if this helped you…
Comments