Somebody tried to hack me last week and I have to say it wasn’t the most fun 48 hours. I want to tell you the story of this brute attack on my WordPress blog, what I did to protect myself and how you can too!
I’m not an expert in that field and I have no formal training, but I do my best to stay on top of what we can do as users of the internet to protect ourselves. I’ve created quite a lot of content about Cybersecurity, so if you’re interested, this post would be a great place to start.
How it all started
My blog was a victim of a brute force attack, which is a type of an attack where the hacker tried to guess your password. Nowadays most of these attacks are carried out using bots though, who don’t get tired and will keep on trying until they guess the correct combination.
This brute attack lasted for at least 48 hours and long story short, they didn’t manage to get through because I took a lot of preventative measures which I will talk about in a few minutes.
How did I know I was under attack? My website is on WordPress and I have this plugin called “Limit Login Attempts”. It basically blocks you from logging in after a certain amount of tries. I had it set on 5 tries, after which it would block your IP address from logging in for 30 minutes. And then after a certain number of these lockouts, it would block your IP address.
I’ve received some notifications about these kinds of attempts before, but they would normally one-offs. This time was different though, I was recording videos with Ana Queen Maker and giving a talk at her event and every time I looked at my phone, there was a bunch of new emails about login attempts.
When I got home I checked where the IP addresses were coming from and they were from all over the place: different places in the US, Vietnam, Tanzania and Kenya. They were trying to guess the password/username combination non-stop – thank god I had that plugin installed!
What I did to protect my blog
I had to take action immediately because it was clearly a targetted attack. I use a password manager generated password, so it’s strong and very hard to guess. I enabled 2-Factor Authentication and asked my Virtual Assistant to both, change her password to a stronger one and enable 2-FA as well.
What is 2-Factor Authentication?
2-Factor Authentication is an additional layer of safety for your accounts, it basically means that you need to verify it’s you in 2 ways – with your password and a special passcode that you get to your phone, for example.
I use Google Authenticator for all of the accounts where I could enable it – because if hackers wanted to target you in particular, they could somehow reroute your phone number and receive that code on their phones.
Back to the story
After I enabled that, I tightened the Limit login attempts conditions and manually blocked some of the IP addresses that got locked out.
The next day (I was exhausted the night before), I did a backup of my website, scanned it for malware and made sure that my firewall plugin was enabled.
What is a Firewall?
A firewall is a system that monitors the traffic, for example, going towards your website, and either allows it to pass or blocks it – based on certain criteria and rules it has been given. It’s a widely used technique in cybersecurity.
Once all of that was in place, I could focus on other things. I still got emails and lockouts, but I knew I had a strong system in place and even if they guess the password combination, they wouldn’t be able to pass through 2-Factor Authentication barrier.
Since then I’ve invested in a very strong Firewall software that also scans my website regularly. I’m focusing a lot of attention on proactive measures and am learning more about not only personal cybersecurity but also how to be smarter about the security of my website. And I recommend you to do the same – it will be much more costly to scramble and try to recover things once they’ve been compromised.
Let me know in the comments if you’ve had a similar experience and what you did! And if you have any additional tips on how to protect your website from cybercriminals.