If you’re like me you have at least a few WordPress blogs, right?

It’s tough to keep track of all of them and make sure WordPress and all the plugins are up to date.

It’s certainly possible that you’ve been attacked and possibly brought down by hackers. Especially if you do not update them regularly.

It’s happened to me – but fortunately – now I use the free Wordfence Security Plugin.

You see Wordfence does 2 very important things to make sure you are less prone to being attacked.

1) Rate Limiting – throttle or block crawlers/users that are going through your site too fast. Google crawler is not throttled, but everyone else can be!

Throttle Users

2) Login Security Options – locks out the user after X amount of login failures. I usally do 3 or 5 and lock out for 1 day.

Login Security

While you might not think you are being hacked or that your sites are prone to attack I would like to show you some of the email notifications I get telling me how Wordfence has locked out users that were attacking. Check it out!


My sites are constantly being attacked. Fortunately the WordPress blogs at least have this extra layer of protection.

Is Wordfence perfect?

Maybe. I don’t know. I just know it has prevented problems from occurring and also helps keep my sites and servers running faster and more efficiently as it slows down those brute attacks.

So – if you are not using Wordfence Security yet – I suggest you consider adding it to your arsenal of WordPress plugins on all of your blogs!

It just might save your butt!


Jul 06th by Mike L

There have been a few recent headlines about brute force attacks on WordPress sites and I would like to share an excellent free security plugin that will help prevent your blogs from getting attacked!


The WordPress plugin is called Wordfence and it’s free!

Here at BU we have a lot of blogs and we do NOT disable XML-RPC on our WordPress blogs.

The main reason we don’t worry about XML-RPC being vulnerable is because we have Wordfence installed on all of our WordPress blogs, but also we don’t disable it because we rely on XML-RPC for our Blog Post Utility to post articles from our members.

We also do not disable XML-RPC on our blogs because we often use apps on iPhones and such to do all kinds of things with our sites such as checking comments etc.

XML-RPC attacks and most others for that matter are done in brute force style where people try to guess your login and password to gain access and if you have Wordfence it prevents those attacks by limiting the number of login attempts and page views.

Make sure you have the free Wordfence plugin installed.

It’s an amazing tool for security and has prevented a lot of evil activity by blocking excessive logins, brute force activity and even limiting crawling and indexing by attackers.

Wordfence is free so there is no reason you shouldn’t have it installed on every one of your blogs!

If you have a minute – we suggest reading up on XML-RPC at this excellent article on the Wordfence blog.

> Should You Disable XML-RPC???

Oct 12th by Mike L

    A Very Important Concept