Since the CSV log file shows the given password, I added a condition for successful logins. It’s generally 1 since it’s the first account. Not only should you change the user name, but also the ID column for the admin account since an attacker could reference that as well in a SQL injection attack. Here is one write-up for editing the admin name. WordPress 3 also added the ability to use a different name for the admin account during installation, but that doesn’t help after the fact. You can change the user name though by directly editing the database. You’ll notice from the example entries that most hackers assume there’s an administrator account named “Admin.” This is because it’s the default for WordPress installations. Some example log entries from actual attempts: The CSV has the following format: date time,ip address,"user name","password" It could easily be adapted to save to a DB, but I wasn’t interested in doing that. My plugin logs the attempts to a CSV, plain text, file for easy analysis. There’s similar types of plugins already, but I like to learn the process, and frankly, most WordPress security issues are from third party plugins. To help identify if people are trying to break into my WordPress account, I created a simple WordPress plugin that logs all attempts. An important part of security is monitoring.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |