When you start up a new blog, there are several plugins which should be installed right away. One of those is Login Lockdown which you can download free within the Plugins area of your WordPress dashboard or from the WordPress plugin directory. I count this one as essential because it is critical to have security on your website.
Bad people will absolutely try to hack into your site! I used to think that since I was not one of those blogs with thousands of daily visitors that I would fly under the radar, but not so. This plugin has locked people out.
I don’t know who they are or what they would have done if they had gotten in, but I’m sure they were up to no good!
It costs a lot of money to have a hacked website cleaned up so it is definitely worth your while to take all the security measures you can to avoid having to hire the hacker attacker.
Login Lockdown is super easy to install and the default settings will work just fine but I’ll go through them in case you want to change any of the settings. Just follow these 3 easy steps:
- Go to the plugins section of your dashboard; Add New; Search “Login Lockdown” and it will be the first one in the list; Click Install
- Activate the plugin
- Login Lockdown can be found in the Settings Menu of your dashboard. Below is an explanation of what you can change but I usually just keep the default settings.
The description from the WordPress directory reads:
Login LockDown records the IP address and timestamp of every failed login attempt. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range. This helps to prevent brute force password discovery.
Another feature that I like is the notification on the login screen that the form is protected by Login Lockdown. I think that cuts down on people even starting to try to break in.
Once you have the IP address of someone who tries repeatedly to hack into your dashboard, you can block that IP address permanently from your entire site.
Another measure I’ve taken is to have a service called Sucuri scan my sites looking for trouble. Sucuri’s scans will detect whether your site has been blacklisted, contains malware, malicious javascript or iframes, suspicious redirections or spam.
Please take website security serious and don’t think that just because you are new or have little traffic, that you are immune from hackers. A simple step like installing Login Lockdown can save tons of grief later.
