Protecting Your WordPress Site from Brute Force Attacks

• Cybercrime cost the global economy more than $400 billion, and it’s increasingly hurting smaller operations.
• Targeted attacks against small businesses nearly doubled in 2013

Below is one email you DO NOT want to receive from your hosting provider:

Your web hosting account for yourdomain.com has been deactivated, as of 03/24/2015. (reason: terms of service violation – malware/virus)
This deactivation was due to a Terms of Service violation associated with your account. At sign-up, all users state that they have read through, understand, and agree to our terms. These terms are legal and binding.
Although your web site has been suspended, your data may still be available for up to 15 days from the date of deactivation; if you do not contact us during that 15 day period, your account and all of its files, databases, and emails may be deleted.

..and it can happen to you. Don't make me have to say "I told you so", at the very least, take a few preventive steps to help protect your WordPress site from hackers.

Other that doing the obvious like not using Admin as your username, there are a few other things you can do that take just a few minutes to do.

First, keep your plugins and WordPress version up to date. Old, outdated plugins are a popular way to hack into your site and your hosting account. Once in, if you have several different websites on that server, they got 'em all.

Brute force (also known as brute forcecracking) is a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys, through exhaustive effort (using brute force) rather than employing intellectual strategies.

Another common way that hackers attempt to hack your site is using Brute force. A simple hackers program that will attempt to log into your site using random usernames and passwords.

2 Free Plugins to Help Protect Your WordPress Site from Brute force Hackers.

Plugin 1) If you want to see if your site is being attacked using Brute force, install the "Limit Login Attempts" plugin. You may be surprised at how many bots are trying to hack into your site.

What this plugin will do is limit the login attempts. When login attempts go over the limit you set, it will block the IP for a time period that you set. Pretty efficient.

Plugin 2) BruteProtect logs every failed attempt community-wide. When an IP has too many failed attempts in a specific period of time, BruteProtect logs and blocks that IP across the entire BruteProtect network (your site included). The more users of BruteProtect, the safer we all are from traditional brute force attacks, and distributed brute force attacks that use many different servers and IP addresses.

BruteProtect is a cloud-powered Brute Force attack prevention plugin and the best protection against botnet attacks.

A third option, possibly the best option though it does cost less than $100 a year, would be to add Sitelock, a Website Malware Scanning & Automatic Malware Removal that you can add to your web-hosting server. This will find and fix threats before they become problems.

A small price to pay in comparison to fixing a hack.

Whatever you do, don't do nothing and think you are not susceptible to attack… because in 2015 and beyond a site that is not protected, is a target.

I would have to thing that 'Discussion and questions' would be the most common, but again, this you can tailor to your specific niche and choose what option would be best for you.