We all know the potential for the web to reach everyone who is connected to it ( currently around 50% of the world has a connection ) and no less than Mark Zuckerberg realises after gathering over 1 billion monthly users on Facebook he wants to expand the net to try and acquire the next 5 billion using a program he has launched called internet.org. But with the advent of more and more people going online, it doesn’t mean that this is particularly a good thing, not everyone has good intentions and there are countries you are likely to never do business with but want to find a way of hacking your business website or profiting from your misfortune through scam emails or injected code. So the question arises…why let people from these countries on to your website in the first place? In this blog post, I am going to share with you two ways to block specific countries from accessing WordPress based websites.
Most CMS platforms for websites have a login page where it requires a login and password. If you own or run a website having secure logins has never been more important! In this post I suggest ways of increasing your password security. [divider style=”1″]
Why is a strong password so important?
You spend a long long time making your website. Its content, its media & making it work as efficiently as possible. Others have different ideas…hackers, although many are good, some provide a real threat to your hard work. A hacker can try a brute force attack to infiltrate your digital kingdom.
What a brute-force attack is
A brute-force attack is where a computer tries every possible key or password until it succeeds at infiltrating your website. Nothing like a bit of determination! A simple brute-force attack usually has a dictionary of all words or commonly used passwords and cycles through passwords until it gains access. It can take time to complete BUT just read the next paragraph to see how many passwords can be tested per second…
How long does it take to hack a password through brute force?
This piece of information is really going to shock you…
Individual desktop computers can test over a hundred million passwords per second using password cracking tools that run on a general purpose CPU and billions of passwords per second using GPU-based password cracking tools.
Scary thought really isn’t it, best change that password from password123 now don’t you think?
The hack clock is ticking
Eventually, after a while the hacker will gain access to your website this way if they are persistent. It can take a few minutes, a few days, a few months, a few years, or decades ( i think most would give up at this point! ).
Want to know exactly how long it takes to hack your password then simply enter it into this website, you might be quite amazed at how secure your password is https://howsecureismypassword.net/ if it doesnt take long it’s time to make a change! [divider style=”1″]
Tips to creating a good and incredibly strong password
Most brute force hacking uses commonly used “words” and natural choices we make like numbers after each other. A good technique is to use a phrase rather than a couple of words. For Example think of the song “If I could turn back the hands of time”
“If I could turn, turn back the hands of time, then darling you, you would be mine”
No, I am not declaring my love to you but I am loving this technique for building a password! What I want you to do is take the first letter of each word in that single sentence from the song and make a password!
“If Icould turn, turn back the hands of time, then darling you, you would be mine”
IICTTBTHOTTDYYWBM
This password would take 8 million years to hack whilst still being easy to remember by remembering the tune…quite a while i think.
Add some numbers
If you add just three memorable numbers 124 on the end it would take 3 trillion years to hack
Add some funky symbols
add a ? and it would take only 27 quintillion years to hack…so not at all long!
Go the extra mile & Deny Access to your CMS dashboard
Warning before performing this action make sure you have a basic understanding of what you are doing
What if someone does manage to access your website through brute force, what then? Don’t worry if you do the following steps they can’t access the dashboard of your site even if they guess the password correctly! Bonus.
If you are the only person who needs to login to your Admin area and you know your own IP address, you can deny wp-admin access to everyone but yourself via an .htaccess file.
Create a file in a plain text editior called .htaccess and add:
# Block access to wp-admin.
order deny,allow
allow from x.x.x.x
deny from all
replacing x.x.x.x with your IP address.
Your Internet Provider can help you to establish your IP address.
Or you can use an online service such as What Is My IP.
You have completed your first step to lock down
Creating a strong password is only your first step to ensuring your website is less at threat to those with malcontent towards you and your business. There is a lot more to be done and I will be blogging about these things in future blog posts so please, sign up to my rss feed for my blog and receive it in your email so you never miss new information.
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
Cookie
Duration
Description
cookielawinfo-checkbox-analytics
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional
11 months
The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy
11 months
The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Want to know exactly how long it takes to hack your password then simply enter it into this website, you might be quite amazed at how secure your password is