Bloggers who are using Wordpress must be aware of the recent rise of a wave of hackers locking Wordpress brute force cracking control panel passwords around the world. According to Matthew Prince, CEO of CloudFlare, the so-called brute-force password attack is to enter the admin name, and then try to enter thousands of passwords to log on.
The attacker first scanned the Wordpress website on the Internet, and then attempted to log on to the management interface using the username and password of the botnet established by the Web server. The attacker used more than 90 thousand Web servers this time, because servers have higher bandwidth and connection speeds than PCs, they can launch attacks faster.
The default name for logging on to the WordPress background is admin. Many friends directly use admin as the administrator password after installing Wordpress, so this gives some people the opportunity. Although WP security is strong enough, brute-force cracking may affect normal access to Wordpress even if it fails, increasing the running pressure on the server.
This article will share with you how to prevent Wordpress background brute-force cracking: Install the WordPress Security plug-in and use. htpasswd to protect the Wordpress control panel. Wordpress Security plug-ins can not only prevent brute-force cracking, but also detect the current WP security vulnerabilities and help you improve your performance.
. Htpasswd is a verification file used to restrict access to server files. htpasswd: You can request a password for the wp-admin folder and file to access the Wordpress control panel. This greatly improves the security of the Wordpress control panel and prevents brute force password cracking.