Support Center
About Us
Facebook-f X-twitter Linkedin

Follow up on WordPress security plugins post

I just wanted to write a quick follow up to the blog I wrote last week about a few plugins I was using for WordPress security in light of the global WordPress brute force attacks taking place . The good news is the Wordfence plugin does a great job blocking people trying to login to my site. The bad news is either the Stealth Login Page plugin doesn’t work or some how people are easily guessing my question and answer phrase to get to my login page, which seems hard to believe. I’m thinking there must be some other way to by pass it.

Because of this, I first removed the Stealth Login page and installed AskApache Password Protect. This requires you to create a separate user account and utilizes .htaccess to secure wp-admin and wp-login.php. When you attempt to login to the WordPress admin page, you are prompted by your web browser for one login. Then if you enter that properly, you are prompted for the normal WordPress login. There are other security features to the AskApache plugin, but I quickly broke my site trying them out, so I won’t touch on them.

This seemed to be a good option until I saw a post from Matt Hartley on Google+ mentioning a two factor authentication option for WordPress. That plugin is put out by Duo Security and it sends you an SMS text after you login for the second phase of authentication to your WordPress blog. You can configure it to remember your computer for a specific period of time, so you won’t have to do this every time you login.

The plugin was fairly simple to setup, and so far it seems to work great. The service is free for up to 10 users. If you want to set it up, you can find instructions here.

Our Blog

Strengthen Your Cyber Defenses: Phishing Prevention Techniques for Financial Institutions
Cybersecurity

Strengthen Your Cyber Defenses: Phishing Prevention Techniques for Financial Institutions

Explore comprehensive phishing prevention strategies for financial institutions, including the FS-ISAC framework, employee education,…

December 19, 2024
Read More
Shadow IT: How Consistent MSP Support Prevents Employee Dark Side Turns
CybersecurityManaged IT

Shadow IT: How Consistent MSP Support Prevents Employee Dark Side Turns

Explore Shadow IT risks and benefits, and learn how consistent MSP support can help…

December 17, 2024
Read More
Essential Documents and Procedures for Passing a CMMC Audit: A Master Guide for Manufacturers
CMMC

Essential Documents and Procedures for Passing a CMMC Audit: A Master Guide for Manufacturers

Navigate CMMC compliance complexity with our master guide. Explore key documents like SSP and…

December 15, 2024
Read More
Our Offices
Pittsburgh Office
2400 Ansys Dr.
Suite 102
Canonsburg, PA 15317
(412) 254-4448
[email protected]
Tampa Office
610 E. Zack St.
Suite 110
Tampa, FL 33602
(813) 379-2808
[email protected]
SECURITY
COMPLIANCE
Quick links
Sign up to our monthly newsletter
Sign Up
Copyright ©2024 Right Hand Technology Group, Inc. All Rights Reserved.
Facebook-f X-twitter Linkedin-in