Every once in awhile, I’d log into my website here and a ton of failed login attempts listed by the IP Blacklist plug-in I have. And by a ton, I don’t mean just tens or even hundreds. I mean there would be thousands! And I just don’t get why. I don’t sell anything on here. I’m by no means “famous”. There’s not even anything all that exciting here.
I tried to patch the holes before but it didn’t quite work. Though, I guess since no one actually got in, it did work.
I’ve been reading up more on how to stop them and have implemented more plug-ins to do things like stop XML-RPC exploits. Make it so you can only log into the admin page from certain IPs. Made this account strictly for editing and not administrative. And tried to hide usernames. Something seems to have helped as I have only had 2 invalid login attempts in the past week or so.
And then there’s the fun of locking yourself out of the website in the process and having hunt around for a fix. Luckily, I’m not the only one who does stupid stuff with their WordPress sites, LOL!
I’ve also been playing with the Social networks autoposter plug-in. There’s a feature where you can tell it to post or not post your blog to social networks based on tags or categories. The category one didn’t work for me so I’m trying the tags feature with this one. Granted I can just uncheck the boxes too but this is more techy, LOL! If this posts to Twitter, I’ll know it doesn’t work. Or I’m missing something. Guess it’s time for the test!
ETA: It worked! I had Twitter check but didn’t tag the post and it didn’t show up on Twitter. YAY!