Gigarocket Forum > Web Development & Graphic Design > WordPress Discussion, Plugins, Design, Support and Security > The first attacks to my website
Gigarocket Forum > Web Development & Graphic Design > WordPress Discussion, Plugins, Design, Support and Security > The first attacks to my website
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5

The first attacks to my website
pepedeticher Offline
Junior Member
**
Posts: 36
Monthly Posts: 0
Threads: 13
Likes Received: 8 in 6 posts
Likes Given: 10
Joined: Jan 2020
Giga Points: 27.5 GP
#1
02-07-2020, 06:37 PM
I installed WordFence, and I'm so glad I did! I also followed some advice on how to secure my website. It's really time well spent!

I still have almost no visits to the website, but suddenly, 2 days ago, I got hundreds of visits. Most of them were to my login page. Wordfence blocked many IP's. Interestingly enough most of them are from Russia and Ukraine. I don't get the interest these countries might have in my courses in Spanish. LOL.

I'm pretty confident my web is secure (I followed every advised action I found around). But, just in case, should I take any additional step? Or just do nothing?
[-] The following 1 user Likes pepedeticher's post:
  • Genesis
Website
Reply
GndZ3r0 Offline
Hosted Member
*****
Posts: 51
Monthly Posts: 0
Threads: 2
Likes Received: 16 in 14 posts
Likes Given: 8
Joined: Dec 2017
Giga Points: 27.5 GP
#2
03-08-2020, 09:31 AM
When I installed a wordpress it ask me if I want to install Loginizer security.  Free version is good enough for stopping bruce force attacks. It advising you to set file permission to 0444 for wp-config. php and .htaccess.  So if you haven't already done so make sure you set those permission with or without this plugin.  Just go to your cpanel file manager or through ftp software on your pc.

Cloudflare is another one you can get free SSL, so you can either drop Let's Encrypt and use cloudflare or you can make them work side by side (many tutorials on google).  Cloudflare is built to be anti-brute force attacks.

One cool feature of cloudflare I found out recently while reading view source on one of my website is that they encrypt your emails, say you have email: me@mysite.com in your code, then cloudflare will somehow encrypt that so it looks normal when you visit the website but the code is different it looks like
Code:
email: <a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="8beaeff9e2eae5edfee7ffe4e5eceae7e7eef9e2eef8cbece6eae2e7a5e8e4e6">[email protected]</a>

Was checking out wordfence and I may give it a try, seems like a good plugin I like their 2FA feature.
[-] The following 1 user Likes GndZ3r0's post:
  • pepedeticher
Reply
daya143 Offline
Member
***
Posts: 86
Monthly Posts: 0
Threads: 18
Likes Received: 8 in 6 posts
Likes Given: 7
Joined: Jul 2013
Giga Points: 109 GP
#3
03-08-2020, 10:19 PM
I am not an expert, but one tip for you.
Go to securityheaders site & do a test.
To help you,  get HTTP Headers plugin for fix it easily.
[-] The following 2 users Like daya143's post:
  • GndZ3r0, pepedeticher
Reply
inesta Offline
Hosted Member
*****
Posts: 12
Monthly Posts: 0
Threads: 0
Likes Received: 5 in 5 posts
Likes Given: 0
Joined: Apr 2020
Giga Points: 5.5 GP
#4
04-05-2020, 11:57 PM
for your security ,
You shoud add an extra security layer to your website with hosting your dns address to an Anti DDos service providers like cloudflare.
it has also an option wich called : "I'm Under Attack".
this service check your website compeletely first to identify that you are not an attacker bot and after that gain you access to your website.
Reply
  




Users browsing this thread:
1 Guest(s)

The first attacks to my website439