I have seen many websites are built using open source CMS like WordPress, Joomla etc. The most common mistake they have made was leaving their admin unrestricted. The worst is default username and simple password is used. Until the website was uploaded with unwanted software to send spam, unknown redirection, undesired content etc. I have updated my website and plugins regularly, why my website is hacked?
This is a common mistake made by a lot of users. Yes, the path to the admin login URL. Please remember you are using an opensource CMS, anyone can download and install. Basically, the login URL is made known to everyone as well as the default username, and sometimes even the password. Since the admin login URL is the same, I just need an application to guess the username and password. Leaving the username as default like admin or administrator will make the guess easier.
This type of attack is very common, and we called it ‘brute-force’ attacks. If you are one of them mentioned above. It is about time to consider to restrict your admin login. Apert of the admin login, the open source plugins and components may be turned vulnerable too. This open source plugins and components require updates from the authors to reduce the risks of being hacked. There is numerous way to restrict login but to protect your website at the same time, it would be Sucuri Firewall Pro.
Sucuri Firewall Pro protects your login page with several methods. You can allow access to certain IP, a captcha allows only human key in the username and password, another layer of password or a two-factor authentication. Not in time to update? Sucuri Firewall Pro virtually patch your website to keep the attacks away.
Not only these, but it also scans your website in 6 hours interval, makes sure your website does not contain suspicious files and malware. Not forgetting the CDN that speed up your website, keep your website closer to the audiences. Use Sucuri Firewall Pro today.