2015-09-26

So recently I've noticed from the 'Limited Login Attempts' plugin on my WordPress site that MANY HACKERS are trying to mess with my site. So I’ve been experimenting a bit lately with some WordPress plugins for blocking visitors to my site. I want to share my findings here, so that everyone can benefit from them. I have played with a few plugins to achieve this, and the one I like the best is iQ Block Country by Pascal.

How to Stop Hackers from Accessing Your Admin Login Area

Step 1
Download a plugin called iQ Block Country. The best thing about this is that it's all FREE. This free plugin will help you block visitors from the countries that you've chosen to block from your site.

Step 2

You may get an error message appearing. I don't know if other sites will be affected by this too, but mine was, so I'll share what I did to solve the error message problem.

First, you can pretty much ignore the first line, which talks about an API key. I looked at that, and the API key costs 25 Euros right now, and I think that is per site. While that might be a good thing to have, it basically allows the list of IP addresses to be updated for you automatically rather than manually. I did not follow this route, as I want to do it manually (instructions below).

To do a manual update, you click on the link in the second paragraph, http://geolite.maxmind.com/download/...y/GeoIP.dat.gz and save the resulting file on your computer. Then do the same for the other link, http://geolite.maxmind.com/download/...GeoIPv6.dat.gz

Next, use whatever software you have on your computer for unzipping, and unzip the two files. Depending on your settings, you will either have two files called GeoIP.dat and GeoIPv6.dat, or two folders with those names, with the files inside them.

The next thing is to use either ftp software (e.g. Filezilla) or the File Manager in your site’s cPanel, to upload the two .dat files to your hosting.

NOT the folders, but the files. They both need to go into /wp-content/uploads.

Once that is done, go back to your WordPress admin and refresh the screen, and the iQ Block Country error message should have gone away.
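The same Step 2 done from a shell on the host instead of FTP or cPanel, as an added example (not from the original post or the plugin's author). It assumes you have shell access and that both downloads already sit in one directory; the function name `install_geoip` and its two arguments are hypothetical.

```shell
#!/bin/sh
# Added example: place the manually downloaded GeoIP databases where
# iQ Block Country looks for them (/wp-content/uploads).
# Usage (paths are placeholders): install_geoip ~/downloads /path/to/wordpress

install_geoip() {
    src_dir=$1
    dest="$2/wp-content/uploads"

    [ -d "$dest" ] || { echo "missing directory: $dest" >&2; return 1; }
    tmp=$(mktemp -d) || return 1

    # Pass 1: unpack and check both databases before touching the site,
    # so a failed download never leaves a half-updated pair behind.
    for name in GeoIP.dat GeoIPv6.dat; do
        if [ -f "$src_dir/$name.gz" ]; then
            # Still compressed, as downloaded.
            gzip -dc "$src_dir/$name.gz" > "$tmp/$name"
        elif [ -f "$src_dir/$name" ]; then
            # Already unzipped to a plain file.
            cp "$src_dir/$name" "$tmp/$name"
        elif [ -f "$src_dir/$name/$name" ]; then
            # The unzip tool made a folder named like the file:
            # take the file inside it, NOT the folder.
            cp "$src_dir/$name/$name" "$tmp/$name"
        else
            echo "cannot find $name in $src_dir" >&2
            rm -rf "$tmp"; return 1
        fi
        # Reject a failed or empty extraction.
        if [ $? -ne 0 ] || [ ! -s "$tmp/$name" ]; then
            echo "$name did not unpack to a usable file" >&2
            rm -rf "$tmp"; return 1
        fi
    done

    # Pass 2: copy the files themselves into uploads, readable by the web server.
    for name in GeoIP.dat GeoIPv6.dat; do
        cp "$tmp/$name" "$dest/$name" && chmod 644 "$dest/$name" || {
            rm -rf "$tmp"; return 1
        }
    done
    rm -rf "$tmp"
}
```
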

Step 3

Once you have the plugin installed and activated, in your admin menu, hover over the Settings entry and then click on iQ Block Country.

Step 4

There are two types of blocks – front end and back end. The front end of your site is what you want visitors to see. This is all your content, your pages, your blog posts, your products – all the good bits that you want made publicly visible.

If you are only targeting certain countries, or if you are getting swamped by comment spammers that you would rather keep out, you might decide to block countries on the front end. But what you should be doing is blocking countries on the backend, so that your admin area is super protected.

The backend is your administration area (admin). You do NOT want anyone but you or your team to be able to access this. This is where the hackers really want to get to, so they can take over your site.

You will find a number of tabs across the top of the page. On the first one, Home, you can leave the default settings. Leave the frontend settings as they are too. Click on the third tab, Backend.

Once you click on that, you will see the options for the backend. You will need to tick the “Block visitors…” option (see picture below), but it is very important that you also remove your own country from the list BEFORE you click Save Changes at the bottom of that page. Otherwise you will find yourself locked out of your own site.

You should also remove the country of anyone else that needs to get access to your admin area, if they are not in the same country as you.

The Result

Just about 7 hours after installing this on my site, the plugin had already blocked 14 attempts to reach my admin login page (I don’t have front end blocking turned on, only back end).

(And no, I don’t give a shit about posting their IP and their privacy. Why should I when they're trying to mess with me :) )

Since I am not in the USA or Canada, I've listed both countries in the countries to be blocked. So readers in the USA who would not want to block USA access would not benefit from that, but hey, it is better than allowing everyone in! Most of the IPs listed by my 'Limited Login Attempt' plugin show that most of the hackers are from Ukraine, Israel, Brazil and Russia. So I'm quite shocked that the first 14 attempts are from the US and Canada. Lol. Or maybe the hackers use proxies now that they know I'm using this plugin (I don't know, just a guess)? What I did is to block ALL COUNTRIES except for my own country.

Anyway, I’m not going to bore you with how much I love this thing and how effective it is. Just try it.

That’s It!

I hope that making this change to your site will allow you to cope better with the influx of hack attempts, by simply blocking their whole country from getting access to your site.
