Defending Against the Ongoing Attack on Joomla! and WordPress

Be aware that there is a major attack underway aimed at WordPress and Joomla! websites. If you are having trouble accessing the admin system of your site, contact your web hosting company for support; they may have restricted access to help discourage the attack. This would also be a good time to change & beef up your passwords.

How secure is your admin access? One of the easiest changes you can make to boost security is to use a less common admin system username. The top five user names being targeted by attackers are admin, test, administrator, Admin, and root. Do not use those names! Set up something unusual for your admin system username — and a solid password.

The other half of the puzzle: Passwords. The most recent spate of attacks was using some heavy password cracking tools, and they are hard to escape, but not impossible. The bottom line: The longer the password the better (as long as it is not to be found in the dictionary). You can, however combine words. For example, pinkcloudfishmask is a better password than 8jk#BB simply because it is longer. Gibberish is NOT more secure than readable text, assuming your readable text string is not to be found in the dictionary. The top five passwords being attempted in the most recent attacks against WordPress and Joomla! sites were admin, 123456, 111111, 666666, and 12345678. Please be smart and do not make your site vulnerable to password hacks.

You can learn more about the recent cyber attacks aimed at WordPress and Joomla! website by going to: