Report Security Vulnerability

robiulroky

My username was…wait for it…Unhackulture (we will blame the coffee) and my password was, well, I don’t remember. It was a shamble though, the password, and for this very reason, it never held ground when some rude internet person (or thingy) hit the login page with ‘brute force’.

Long story short, my defenses caved in and #YouCan’tHackThis fell like the walls of Jericho. Google sent me the dreaded “Hacking Suspected” email with a sample URL, and on further investigation, I found plenty of garbage.

The hacker had the audacity to post a screenshot of their desktop on my beloved #YouCan’tHackThis as if to taunt me. He/she/it had guts I tell you, because on top of the screenshot, there were pages and pages of fluff, filler content that had no direction.

I pulled down the entire site, and beefed up security on my other websites. I installed Solid Security, and today all I get are “Site Lockout Notification” emails. If anyone tries to force their way into any of my sites using brute force, they are locked out for a century! Yeah, that’s 100 years in the bin hacker. Haha, I’m getting carried away.

site-lockout-notification

Weak passwords will get you hacked. Similarly, that admin username Country Email List  you hold onto so dearly will make it easy for hackers. Create personalized usernames when installing WordPress, and use the strength indicator when creating your password. That should be enough, but if you’d like to go the extra mile, you should checkout the 1Password and KeePass tools.




It’s your responsibility as a WordPress user to report a security vulnerability as soon as you discover it.

First, it’s good karma. Second, what goes around comes around. Third, if the vulnerability is in a plugin or theme you use, you get security updates and a big thank you. Your site is not compromised as a result and you build a good rep while making the world a better place.