Hi,

We have a wordpress site and recently we are getting too much hack attempts from different visitors. We can locate their IP addresses and blacklist them as we have installed two great plugins a few week ago but not sure how to stop these spammers as they are trying proxy or hide my ip type software to hack the site? Any suggestions would be highly appreciated.

There are several solutions which can be completed:

1. Make sure that your WordPress script is updated to the latest stable version. Detailed instructions regarding the WordPress update can be found on the corresponding tutorial page.

2. Install a captcha plugin. A good choice is the WordPress ReCaptcha plugin. Comprehensive instruction on how to install a WordPress plugin can be found here. Once activated, the plugin will prompt for the public and the private API keys. The visualized link will take you to the corresponding Google web site where you can get the API keys for free. Paste them in the corresponding fields and activate your ReCaptcha plugin for comments and users registrations.

3. WordPress comes with a preinstalled antispam solution - Akismet.




______________________________
Salesforce Implementation (http://www.cloudsocius.com/salesforce-implementation/)

Thanks for your great reply cloudsocius13! We have already installed Akismet and captha plugins. These two are great plugins for sure but in this case they are not very helpful to stop hack attempts! However, it's great to see that Akismet is preventing spam comments while captha is preventing automated registration.

When we were searching in Google to find out a solution we have found that a blog post where author shared an IP list of known spammers! We have already used that list in our site and it seems the attempts are reduced drastically! Here you can check that post, hope the list will help you too: http://www.seo-service-provider.org/blog/wordpress/how-to-stop-wordpress-blog-spammers/

Hi Philips,

It’s great to hear that you have found a solution to your problem. Here, I am also sharing some tips that found while googling a solution for your problem. I came across two helpful blogposts that suggested some basic and very solid tips to protect a WordPress site from getting hacked. Some of these tips are stated below.

1. Blocking WP- folders from being indexed by search engines
2. Preventing SQL Injection & URL Hacking
3. Securing wp-config.php
4. Installing Firewall Plugins
5. Changing the WordPress table prefix
6. File and Log monitoring

The execution of these and many more tips has been described in detail in these blogposts. The following are the link to them. Hope they will be helpful to you.

WordPress Security: The Problem, Solution and Remedies (https://blog.znetlive.com/wordpress-security-the-problem-the-solution-and-remedies/)
15 Steps to secure your WordPress website (https://blog.znetlive.com/15-steps-to-secure-your-wordpress-site-4-discretion-data-backup-logging-monitoring/)

hi all
i'm i don't know so much about wordpress very deeply but your post is very convincing. thank you

Hi Philips,

It’s great to hear that you have found a solution to your problem. Here, I am also sharing some tips that found while googling a solution for your problem. I came across two helpful blogposts that suggested some basic and very solid tips to protect a WordPress site from getting hacked. Some of these tips are stated below.

1. Blocking WP- folders from being indexed by search engines
2. Preventing SQL Injection & URL Hacking
3. Securing wp-config.php
4. Installing Firewall Plugins
5. Changing the WordPress table prefix
6. File and Log monitoring

The execution of these and many more tips has been described in detail in these blogposts. The following are the link to them. Hope they will be helpful to you.

This is great. I'll check your blog posts. We've actually activated IP Filter and Limit Login Attempts plugins to prevent hackers/spammers from our site. We've come to know about these two plugins from the same author's post: http://www.seo-service-provider.org/blog/wordpress/2-must-have-plugins-for-your-wordpress-site/
We already have too many plugins and installing new ones I believe would slower the load speed? Not sure to install new plugins but I'll check those posts.


hi all
i'm i don't know so much about wordpress very deeply but your post is very convincing. thank you

Glad to know that golfvacations16! Thanks for your comment.

Tackling with spammers (humans and bots both) is not an easy job when our blog posts get overwhelmed with comments. Making necessary to fill out CAPTCHA, or putting restriction on commentators to login with their registered e-mails in order to make Comment will repel them from commenting. So, you may turn off login formality for comment authors and use anti spam plugin.

If your website is heavily prone to spam, then you may use a combination of plugins having to be sure about their compatibility; otherwise, single plugin with WordPress settings can also work best for your website.

In WordPress there are many settings and plugins you can apply on your website that you can easily protect your website from spammers as well as hackers .

Reduce the number of links allowed per post.
Create a list of 'blacklisted' words.
Set up a comment moderation system.
Restrict comment privileges to registered users.
Use an anti-spam plugin, such as Akismet.
Move to a third-party comments plugin.

hello friend,
5 tips to protect WordPress site against spam-
1.Create the email account wordpress@ on your domain. By default, WordPress uses wordpress@yourdomain.com as the “from” address when sending notifications.
2.Limit who can leave comments.
3.Activate the Akismet plugin.
4.Make sure user registration is turned off.
5.Use CAPTCHA in forms.