If you needed a good reason to tighten up security in WordPress, just look at the table below. It is a few seconds output from my Stop Spammer Registrations plugin. The plugin is now logging attempts to hack into this blog. As you can see, someone in Taiwan is using a dictionary attack to find the password to my admin user account. My blog doesn’t have an admin user account. I changed it to something else. I used the PHPMyAdmin method to change it, but there are many easy ways to change yours.
If your blog still uses admin to log in, Google how to change this right now. Your password is in someone’s dictionary and eventually, this guy or someone like him will log into your blog and muck things up.
It helps if you install my plugin, it will protect you somewhat, but it is not 100%. I have a 10 second delay built into the plugin so the hacker only hits me every 13 seconds (this has to be annoying for him). If you don’t have my plugin, this guy will be hitting you every 3 seconds.
Do any of the passwords below look even a little bit like yours?
date/time | IP | user id | script | reason | |
2012/11/17 18:13:29 | — | 202.39.48.190 | admin/danny1 | /wp-login.php | Cached bad ip |
2012/11/17 18:13:42 | — | 202.39.48.190 | admin/psalm23 | /wp-login.php | Cached bad ip |
2012/11/17 18:13:55 | — | 202.39.48.190 | admin/monkey12 | /wp-login.php | Cached bad ip |
2012/11/17 18:14:08 | — | 202.39.48.190 | admin/gateway1 | /wp-login.php | Cached bad ip |
2012/11/17 18:14:21 | — | 202.39.48.190 | admin/stimpy | /wp-login.php | Cached bad ip |
2012/11/17 18:14:34 | — | 202.39.48.190 | admin/lincoln | /wp-login.php | Cached bad ip |
2012/11/17 18:14:47 | — | 202.39.48.190 | admin/eatmyshorts | /wp-login.php | Cached bad ip |
2012/11/17 18:15:00 | — | 202.39.48.190 | admin/poipoi | /wp-login.php | Cached bad ip |
2012/11/17 18:15:12 | — | 202.39.48.190 | admin/geronimo | /wp-login.php | Cached bad ip |
2012/11/17 18:15:25 | — | 202.39.48.190 | admin/sandman | /wp-login.php | Cached bad ip |
2012/11/17 18:15:38 | — | 202.39.48.190 | admin/christ | /wp-login.php | Cached bad ip |
2012/11/17 18:15:51 | — | 202.39.48.190 | admin/cardinal | /wp-login.php | Cached bad ip |
2012/11/17 18:16:04 | — | 202.39.48.190 | admin/hotrod | /wp-login.php | Cached bad ip |
2012/11/17 18:16:17 | — | 202.39.48.190 | admin/joker1 | /wp-login.php | Cached bad ip |
2012/11/17 18:16:30 | — | 202.39.48.190 | admin/666999 | /wp-login.php | Cached bad ip |
2012/11/17 18:16:43 | — | 202.39.48.190 | admin/wishbone | /wp-login.php | Cached bad ip |
2012/11/17 18:16:56 | — | 202.39.48.190 | admin/quilter | /wp-login.php | Cached bad ip |
2012/11/17 18:17:11 | — | 202.39.48.190 | admin/gameover | /wp-login.php | Cached bad ip |
2012/11/17 18:17:24 | — | 202.39.48.190 | admin/champion | /wp-login.php | Cached bad ip |
2012/11/17 18:17:36 | — | 202.39.48.190 | admin/global | /wp-login.php | Cached bad ip |
2012/11/17 18:17:49 | — | 202.39.48.190 | admin/cambridge | /wp-login.php | Cached bad ip |
2012/11/17 18:18:02 | — | 202.39.48.190 | admin/boston | /wp-login.php | Cached bad ip |
2012/11/17 18:18:15 | — | 202.39.48.190 | admin/drizzt | /wp-login.php | Cached bad ip |
2012/11/17 18:18:28 | — | 202.39.48.190 | admin/immortal | /wp-login.php | Cached bad ip |
2012/11/17 18:18:41 | — | 202.39.48.190 | admin/mephisto | /wp-login.php | Cached bad ip |
2012/11/17 18:18:54 | — | 202.39.48.190 | admin/money1 | /wp-login.php | Cached bad ip |