today I found 3 modified plugins, using my security plugin wordfence: akismet, fast velocity minify and WP smush in my 2 sites lodged on managed wordpress. They were modified in the readme text. Although I fixed this with wordfence, I am worried because since about 10 days, I see in my logs the 404 generated by login attempts using «test» in the place of username every 24 h a day. Can anyone give me some advice about security measures that I can take to improve security? (changing password and username often, updating everything etc I already do as ordinary behavior. thanks
Hello @mar! That's a concern that is too often overlooked. There are many methods one can take to protect their site. Since this is likely for WordPress, I suggest you check out the WordPress codex for how to further secure your site: https://codex.wordpress.org/Hardening_WordPress
Thanks for your reply. I already searched on wordpress for hardening security but basically what they say is what i know since i was on blogger (and got my site destroyed before coming to Godaddy): secure the password and username, change them often, update all plugins, don't have themes or plugins deactivated because they still can be hacked, etc.. I was trying to learn something new, since i have a maniac hacker stocking my 2 sites and he doesn't go away. And last weeks the username used is «test» and this is new, and got me concerned, if someone is using «test» to login, could he find a different way to upload something and enter the blogs that i could prevent for myself? I seems there isn't, so I will keep vigilant like i always am to do my part of security prevention.
@mar - From what I know of Wordfence, you should be able to set it up to automatically block the IP of any connection trying to log in using an invalid username. I've done this myself on WordPress sites I manage, and it definitely helps. Another thing to consider is adding a 2-factor authentication system to your site. I believe Wordfence offers this as part of their paid service, but there are also plugins like Clef that will add the feature at no cost.
Thanks for your reply. In fact i also have advanced options of wordfence enabled and that's why I know whenever there is any modification of my plugins that are not allowed by their original options. No one can login with admin or invalid username. Still, plugins keep being the week part of wordpress, some minutes ago i found another 2 with readme changed and already fixed it with wordfence . I appreciate the clef plugin suggestion that i didn't know. I have 2 steps in my google email accounts (the ones I use for my sites ) but don't have it enabled in the login for the sites. i also use Ithemes security plugin to complement some security measures mostly because of the wonderful «away mode» option that puts the WP out of reach for the night period and is very useful. Also block the IPs that try to login with some commands like «licence. PHP» etc. but this is not enough, because the plugins keep being changed from outside although no one can in fact login because i have strong password and username changed every 7 days . Now, how to reduce plugins vulnerability is the biggest challenge. Wordfence is still my best help.