Blog security is the most important thing that us bloggers have to always keep in mind. There are always online threats out there, hackers and most of all idiots who are jealous about our blogs success and try to sabotage it in some sort of way. This is why, we must take security very seriously and make sure we have a killer set up. One thing to always do is limit login attempts to help combat these spammers who use automated software to try to register on multiple blogs to submit spam comments or spammy blog posts.
If you have money to invest in security now, I would strongly suggest using the iThemes Security Pro plugin. If not, follow this blog post and blog for many security tips.
For this reason, this is why the default membership role you should select should always be set to: Contributer
By making this selection, a contributor can only submit blog post for review and can not publish them. This stops unwanted blog posts from going live if you the admin or hired staff must read blog post before they go live. This is one setting I commonly notice on brand new blog installs with novices bloggers.
Let’s turn back to security the login form from bad actors. The one plugin I found to be effective and is free is the Limit Login Attempts plugin.
What this plugin basically does is that it limits the login attempts. Let’s say someone is trying to login to your admin account using the “admin” username in which you should never use for your login username and is trying to get into your account. After x amount of bad login attempts, they basically blocked for x amount of months or forever from trying to login again. You set the rules.
You can block IP’s altogether if you come across a list of spammers someone posted on a blog elsewhere. Don’t forget to whitelist your own IP and your staff so they don’t get blocked by accident.
The reporting feature is to look at reports. You should constantly check these to see what’s going on and figure out if you have to block and IP or not.
Give Limit Login Attempts a try to let me know if this has resolved any issues for you.