WordPress hacking, botnets and brute-force attacks

malwareThese past few days has seen some alarming news about CMS sites being attacked by botnets. Targeting WordPress and Joomla, these bots are simply trying to access your backend with different combinations of usernames and passwords. Various articles have been written about this and below is a roundup of what can be done to keep your WordPress site safe.

Do not use “admin” as your username: Matt points out that since WordPress 3.0 allows you to pick a custom username on installation, to replace the default “admin”. Hackers and bots will attack your site using admin as the username, so if you are using this, please change it right away.
Read more…