Brute force attack is a method of gaining almost every kind of secret digital information. It is based on a method, where the attacker tests multiple predefined values, until he/she finds the right ones. This process is usually done by an automated software. This software generated these value by a set of predefined rules. Or it uses words that are in dictionaries to test whether this word exists in your password.
This kind of attack is usually used to access much more serious information. An example could be cracking the usernames and passwords of administrative profiles. It could be your profile in the administrative panel on your web site. Whether it is WordPress, Joomla, OpenCMS or any other CMS (Content Management System) – hackers try all.
How to protect yourself?
There are two options for protection, which should be activated simultaneously.
1. Use unusual access data.
For username avoid the words “admin”, “user”, “administrator”. And for password use a strong password. (Secure password – what is it?)
2. Use server protection.
- Unusual address to access the system.
Example for usual address to access the system: http://yoursite.com/admin.
Example for unusual address to access the system: http://yoursite.com/accesspanel.
- Protection of file/s, responsible for input data, using htpasswd.
- Protection of file/s, responsible for processing of input data, limiting a list of IP addresses, which have access to this file.