There have been a few recent headlines about brute force attacks on WordPress sites and I would like to share an excellent free security plugin that will help prevent your blogs from getting attacked!

globe-locker-locked

The WordPress plugin is called Wordfence and it’s free!

Here at BU we have a lot of blogs and we do NOT disable XML-RPC on our WordPress blogs.

The main reason we don’t worry about XML-RPC being vulnerable is because we have Wordfence installed on all of our WordPress blogs, but also we don’t disable it because we rely on XML-RPC for our Blog Post Utility to post articles from our members.

We also do not disable XML-RPC on our blogs because we often use apps on iPhones and such to do all kinds of things with our sites such as checking comments etc.

XML-RPC attacks and most others for that matter are done in brute force style where people try to guess your login and password to gain access and if you have Wordfence it prevents those attacks by limiting the number of login attempts and page views.

Make sure you have the free Wordfence plugin installed.

It’s an amazing tool for security and has prevented a lot of evil activity by blocking excessive logins, brute force activity and even limiting crawling and indexing by attackers.

Wordfence is free so there is no reason you shouldn’t have it installed on every one of your blogs!

If you have a minute – we suggest reading up on XML-RPC at this excellent article on the Wordfence blog.

> Should You Disable XML-RPC???

Oct 12th by Mike L



Leave a Reply




    A Very Important Concept