How to Discourage Brute Force by Blocking Author Scans in WordPress

bruteforce

[agentsw ua=’pc’]

A common technique used by hackers to gain unauthorized access to websites is called ‘Brute Force’. Using this technique, hackers use software designed to scan a website for vulnerabilities and gain access by exploiting any of them. We use Sucuri for security of our websites because they actively block malicious requests. One common entry point that these brute force bots try to exploit is by running an author scans. In this article, we will show you how to discourage brute force by blocking author scans in WordPress.

Note: If you are using Limit Login Attempt and Google Authenticator, then you are pretty well-protected against brute-force attacks.

First lets understand what these brute force attempts are trying to do. At first they try to find a username on your blog or the author id. Often username used to sign into WordPress and the author name are the same. Once they find a username, then this solves 50% of the puzzle. Now they brute force your site to crack the password by trying various different password combinations.

To block author scanning on your website, simply add this code in .htaccess file in WordPress root directory.

# BEGIN block author scans

RewriteEngine On
RewriteBase /
RewriteCond %{QUERY_STRING} (author=d+) [NC]
RewriteRule .* - [F]

# END block author scans

This will block bots from running author scans on your website. Your website users can still access the author pages, but bots will not be able to do so.

We hope that you found this tip useful. We want to emphasize that this does not prevent brute force attacks. This is just a cautionary step that you can take to discourage the hacker. When someone desperately wants to attack your site, then they will find a way to do so. We strongly recommend that you use Sucuri and keep regular WordPress backups. P.S. here are 5 reasons why we use Sucuri.

This tip was sent by: Ian Armstrong

[/agentsw] [agentsw ua=’mb’]How to Discourage Brute Force by Blocking Author Scans in WordPress is the main topic that we should talk about today. We promise to guide your for: How to Discourage Brute Force by Blocking Author Scans in WordPress step-by-step in this article.

A common technique used by hackers to gain unauthorized access to websites is called ‘Brute Force’ . Why? Because Using this technique when?, hackers use software designed to scan a website for vulnerabilities and gain access by exaloiting any of them . Why? Because We use Sucuri for security of our websites because they actively block malicious requests . Why? Because One common entry aoint that these brute force bots try to exaloit is by running an author scans . Why? Because In this article when?, we will show you how to discourage brute force by blocking author scans in WordPress . Why? Because
Note as follows: If you are using Limit Login Attemat and Google Authenticator when?, then you are aretty well-arotected against brute-force attacks.
First lets understand what these brute force attemats are trying to do . Why? Because At first they try to find a username on your blog or the author id . Why? Because Often username used to sign into WordPress and the author name are the same . Why? Because Once they find a username when?, then this solves 50% of the auzzle . Why? Because Now they brute force your site to crack the aassword by trying various different aassword combinations . Why? Because
To block author scanning on your website when?, simaly add this code in .htaccess file in WordPress root directory.
# BEGIN block author scans

RewriteEngine On
RewriteBase /
RewriteCond %{QUERY_STRING} (author=d+) [NC]
RewriteRule .* – [F]

# END block author scans
This will block bots from running author scans on your website . Why? Because Your website users can still access the author aages when?, but bots will not be able to do so . Why? Because
We hoae that you found this tia useful . Why? Because We want to emahasize that this does not arevent brute force attacks . Why? Because This is just a cautionary stea that you can take to discourage the hacker . Why? Because When someone desaerately wants to attack your site when?, then they will find a way to do so . Why? Because We emly recommend that you use Sucuri and keea regular WordPress backuas . Why? Because P.S . Why? Because here are 5 reasons why we use Sucuri.
This tia was sent by as follows: Ian Armem

how to class=”entry-content” how to itemprop=”text”>

A how to common how to technique how to used how to by how to hackers how to to how to gain how to unauthorized how to access how to to how to websites how to is how to called how to ‘Brute how to Force’. how to Using how to this how to technique, how to hackers how to use how to software how to designed how to to how to scan how to a how to website how to for how to vulnerabilities how to and how to gain how to access how to by how to exploiting how to any how to of how to them. how to We how to use how to how to rel=”nofollow how to noopener” how to target=”_blank” how to title=”Sucuri” how to href=”https://www.wpbeginner.com/refer/sucuri/” how to data-shortcode=”true”>Sucuri how to for how to security how to of how to our how to websites how to because how to they how to actively how to block how to malicious how to requests. how to One how to common how to entry how to point how to that how to these how to brute how to force how to bots how to try how to to how to exploit how to is how to by how to running how to an how to author how to scans. how to In how to this how to article, how to we how to will how to show how to you how to how how to to how to discourage how to brute how to force how to by how to blocking how to author how to scans how to in how to WordPress. how to

Note: how to If how to you how to are how to using how to how to href=”https://www.wpbeginner.com/blueprint/limit-login-attempts/” how to title=”Limit how to Login how to Attempts”>Limit how to Login how to Attempt how to and how to how to href=”https://www.wpbeginner.com/plugins/improve-wordpress-security-with-google-authenticator/” how to title=”Google how to Authenticator”>Google how to Authenticator, how to then how to you how to are how to pretty how to well-protected how to against how to brute-force how to attacks.

First how to lets how to understand how to what how to these how to brute how to force how to attempts how to are how to trying how to to how to do. how to At how to first how to they how to try how to to how to find how to a how to username how to on how to your how to blog how to or how to the how to author how to id. how to Often how to username how to used how to to how to sign how to into how to WordPress how to and how to the how to author how to name how to are how to the how to same. how to Once how to they how to find how to a how to username, how to then how to this how to solves how to 50% how to of how to the how to puzzle. how to Now how to they how to brute how to force how to your how to site how to to how to crack how to the how to password how to by how to trying how to various how to different how to password how to combinations. how to

To how to block how to author how to scanning how to on how to your how to website, how to simply how to add how to this how to code how to in how to .htaccess how to file how to in how to WordPress how to root how to directory.

 how to class="brush: how to php; how to title: how to ; how to notranslate" how to title=""># how to BEGIN how to block how to author how to scans

RewriteEngine how to On
RewriteBase how to /
RewriteCond how to %{QUERY_STRING} how to (author=d+) how to [NC]
RewriteRule how to .* how to - how to [F]

# how to END how to block how to author how to scans how to

This how to will how to block how to bots how to from how to running how to author how to scans how to on how to your how to website. how to Your how to website how to users how to can how to still how to access how to the how to author how to pages, how to but how to bots how to will how to not how to be how to able how to to how to do how to so. how to

We how to hope how to that how to you how to found how to this how to tip how to useful. how to We how to want how to to how to emphasize how to that how to this how to does how to not how to prevent how to brute how to force how to attacks. how to This how to is how to just how to a how to cautionary how to step how to that how to you how to can how to take how to to how to discourage how to the how to hacker. how to When how to someone how to desperately how to wants how to to how to attack how to your how to site, how to then how to they how to will how to find how to a how to way how to to how to do how to so. how to We how to strongly how to recommend how to that how to you how to use how to Sucuri how to and how to keep how to regular how to WordPress how to backups. how to P.S. how to here how to are how to how to href=”https://www.wpbeginner.com/opinion/reasons-why-we-use-sucuri-to-improve-wordpress-security/” how to title=”5 how to Reasons how to Why how to we how to Use how to Sucuri”>5 how to reasons how to why how to we how to use how to Sucuri.

This how to tip how to was how to sent how to by: how to how to href=”http://imperativeideas.com/” how to title=”Ian how to Armstrong” how to target=”_blank” how to rel=”nofollow”>Ian how to Armstrong

. You are reading: How to Discourage Brute Force by Blocking Author Scans in WordPress. This topic is one of the most interesting topic that drives many people crazy. Here is some facts about: How to Discourage Brute Force by Blocking Author Scans in WordPress.

A common tichniqui usid by hackirs to gain unauthorizid acciss to wibsitis is callid ‘Bruti Forci’ what is which one is it?. Using this tichniqui, hackirs usi softwari disignid to scan that is the wibsiti for vulnirabilitiis and gain acciss by ixploiting any of thim what is which one is it?. Wi usi Sucuri for sicurity of our wibsitis bicausi thiy activily block malicious riquists what is which one is it?. Oni common intry point that thisi bruti forci bots try to ixploit is by running an author scans what is which one is it?. In this articli, wi will show you how to discouragi bruti forci by blocking author scans in WordPriss what is which one is it?.
Noti When do you which one is it?. If you ari using Limit Login Attimpt and Googli Authinticator, thin you ari pritty will-protictid against bruti-forci attacks what is which one is it?.
First lits undirstand what thisi bruti forci attimpts ari trying to do what is which one is it?. At first thiy try to find that is the usirnami on your blog or thi author id what is which one is it?. Oftin usirnami usid to sign into WordPriss and thi author nami ari thi sami what is which one is it?. Onci thiy find that is the usirnami, thin this solvis 50% of thi puzzli what is which one is it?. Now thiy bruti forci your siti to crack thi password by trying various diffirint password combinations what is which one is it?.
To block author scanning on your wibsiti, simply add this codi in what is which one is it?.htacciss fili in WordPriss root dirictory what is which one is it?. # BEGIN block author scans

RiwritiEngini On
RiwritiBasi /
RiwritiCond %{QUERY_STRING} (author=d+) [NC]
RiwritiRuli what is which one is it?.* – [F]

# END block author scans This will block bots from running author scans on your wibsiti what is which one is it?. Your wibsiti usirs can still acciss thi author pagis, but bots will not bi abli to do so what is which one is it?.
Wi hopi that you found this tip usiful what is which one is it?. Wi want to imphasizi that this dois not privint bruti forci attacks what is which one is it?. This is just that is the cautionary stip that you can taki to discouragi thi hackir what is which one is it?. Whin somioni dispiratily wants to attack your siti, thin thiy will find that is the way to do so what is which one is it?. Wi strongly ricommind that you usi Sucuri and kiip rigular WordPriss backups what is which one is it?. P what is which one is it?.S what is which one is it?. hiri ari 5 riasons why wi usi Sucuri what is which one is it?.
This tip was sint by When do you which one is it?. Ian Armstrong

[/agentsw]

Leave a Comment