Special protection now available against brute force attacks
Online security is an area of increasing concern to business owners, and can have a major impact on your brand. If your site is compromised, hackers can deface it. They can secretly install a piece of malware code that uses your site to send out spam. They can get customer information.
We’re pleased to announce a new, improved form of protection for your website.
One of the more challenging security problems has been that of Brute Force attacks. Unlike hacks that focus on vulnerabilities in software, brute force attacks exploit the simplest method of gaining access to a site: by trying usernames and passwords, over and over again, until it gets in. If one had unlimited time and wanted to try an unlimited number of password combinations to get into your site they eventually would, right?
By default, WordPress sites are susceptible to this form of attack, because the system allows users unlimited attempts to log in. Brute force attacks dramatically slow down your website while they are happening, because they act as if thousands of different people are attempting to login at essentially the same time.
Enabling login limits will ban the host user from attempting to login again after the specified bad login threshold has been reached. Even with login limits, brute force attacks can slow down site access and spike your analytics with false readings.
Even with login limits, brute force attacks can slow down site access and spike your analytics with false readings.
The Adwiz installs security software for all clients on sites we build for them that puts login limits in place. When there are too many attempts, the system shuts out the IP address used. However, it would be a problem to lock out the user for an excessively long time because it is physically possible that the attempt was a legitimate one. Sometimes our clients forget their passwords and try a few times. They get locked out, but it’s not the end of the world because they can try again just 15 minutes later. If we were to shut them out for a long time, say 24 hours, it would create some very frustrating experiences.
While these short-term lockouts help, they don’t really solve the problem. The same hackers try the same tactic at thousands of websites every single day. Using automated systems, when they get locked out, the system just comes back later to try again.
That’s why we’re pleased to announce a new security measure available to all of our ReBoot subscribers.
The new Brute Force Protection Network actually uses the power of the Internet to block hacker IP addresses by comparing them against those used at other websites. This is essentially the same approach used very effectively by Akismet, the leading anti-spam plugin, and the only one that actually manages to stop spam. All the sites on the network share the IP addresses of suspected attacks. When the network sees the same IP address used on thousands of other websites for failed login attempts, it knows this is a brute force attack. The system then locks that common IP address out of all the sites registered with the network. Simple and effective.
Although it will take time to catalog all the offending IP addresses (most hackers use many IP addresses and change them constantly), over the next few months we believe the network will get increasingly good at detecting brute force attacks and thus protecting your site by locking out those IP addresses so they can’t even try to login.
The new Brute Force Protection Network actually uses the power of the Internet to block hacker IP addresses by comparing them against those used at other websites.
We’re applying the Brute Force Protection Network, effective immediately, for all our ReBoot clients. ReBoot is a subscription service created by the Adwiz that bundles together a large variety of paid services to provide greater security and valuable reporting services to website clients, so that your brand is not only protected but so that you know what’s happening with your website. You can learn more about ReBoot here.