Every day thousands of websites get hacked. Hacks are part of everyday online life and it’s easy to get complacent, especially if your own site hasn’t been hacked… yet.
At the same time, complacency can be dangerous. Cyber security threats are constantly evolving, new bots are released all the time, and platforms like WordPress are engaged in a constant battle to stay ahead.
So how do you maintain that all-important vigilance and avoid getting cocky about website security? A limit login attempts plug-in could be just the thing.
I’ve uploaded the Limit Login Attempts plug-in to this website. It limits the rate of login attempts, including by cookies, for each IP address. Every time a hacker – usually in the form of a bot rather than an actual person – tries to hack into my WordPress site and makes too many failed login attempts, the plug-in locks the site so nobody can log in.
So far, so meh. The thing is, the plug-in sends an email every time this happens, as well as a regular ‘security digest’ email. I get a good few site lockout messages each day, which shows me that automated hack bots are attempting to hack my site fairly constantly every day, seven days a week, 365 days a year. This alone is enough to keep my own awareness of cyber threats good and high.
When you see a bunch of lockout notifications in your email box every morning, you’re constantly reminded about the risks. If your site’s on the WordPress platform, you might like to give the ‘Limit Login Attempts’ plug-in a try.