The Wordpress community has been a buzz lately with the latest on the brute force attacks from over 90,000 IP addresses. The attacks have been trying combinations of common usernames, like "admin" with 1,000 common passwords.
Don't fear Wordpress users there are several things you can do to secure your site and protect it from the hackers.
1. Change your Username. Don't use the default admin as your username. If admin is your username there is a plugin that can change it for you.
2. Use a secure password. Generate a secure password with symbols, letters and numbers. If remembering all of your passwords is tricky, try a password service like LastPass to create and remember passwords for you.
3. Keep your Wordpress core files, plugins, and themes up to date. This helps to keep your site secure, as updates often contain security updates.
5. Regularly backup your site. Regular site backups allow infected sites to be fully restored. The more frequent the back up the less chances of loosing valuable data. This can be done manually or through one of the many site backup services and plugins.
6. Wordpress.com users, activate 2 factor authentication. Standalone Wordpress users don't have this feature, but those hosted on Wordpress.com do.
Has your site been hit by the brute force attack? Are you increasing your site security in response to this threat? Tell us about it in the comments.