WordPress is without doubt the most popular CMS at this moment in time, dwarfing other options such as Joomla and Drupal.
While this is a good thing for WordPress, it now has a very large and active community contributing plug-ins, themes and fixes, but with this growth it now also has its bad points … When anything becomes this big, people will find ways to attack the CMS in question for whatever reason they see fit.
Our job as WordPress users (aside from contributing to the WordPress community) is keeping our installs safe from people we do not want to access our sites.
There are numerous plug-ins to help shore up our WordPress defenses such as Login LockDown which records IP address and blocks them after a set number of login attempts which helps against brute force attacks.
Another is WP Security Scan which checks your install for vulnerabilities and suggests possible methods for fixing anything it may find.( Read more...Collapse )