WordPress login attempts

I wrote a simple WordPress plugin that logs all login attempts, failed and successful ones, to a simple text file. Example log entry:

07.04.11 03:56 GMT+0200 IP:91.224.160.12    Failed login attempt - wrong password. User name: 'administrator' / Password: '123654'

It is very scary to see how many login attempts there are on a day. Most of them seem to be coming from bots that try often used username/password combinations in series of 10 to 20 attempts (or maybe ‘attacks’ is a better word).

There is one important lesson here: choose a strong password for you WordPress admin section, and change it often!
Even an insignificant and small blog will be subject to attacks.

One Response to “WordPress login attempts”

  1. Du says:

    Where is your code??

    I like to try in my website…

    Please, if you can.. send to me: dutchuck@msn.com

    thx

Leave a Reply





Human Verification