Wordfence Live Monitoring Plugin for WordPress

log in attempts listing
Just a short list of attempts to break in.

A goal of every blogger and website designer is to have people view and read your site. It is only natural. After all, we spend countless hours trying to design a great-looking website that is easy to use, with content that people want to read.

However, one of the things that will ruin any site, no matter how well designed and how terrific the content, is a website that is compromised. In other words, outside parties hack the website.

I know this from personal experience. This particular site was hacked and the site gained a poor reputation quickly. It has taken me a lot of work to prove to various people that I have cleaned up the site and it is safe to visit.

 

To help protect this website, and you the reader, I have installed various plugins to help monitor activity on this website. One plugin I have recently installed is Wordfence. While I am still learning about all the program’s features, I am impressed so far.

Wordfence is a plugin that monitors activity on your webpage. One function is that it keeps track of log in attempts. As you can see from the snip above, I have people trying to sign in as an administrator and gain control of my website. To help prevent this type of break-in, I do not use “admin” as a user on my WordPress website. I also use a password that consists of random letters, numbers, and characters and is longer than 6 characters, making it more difficult to break into.

Another function of Wordfence is to track hits on the website. As you can see from the photo below, my site has gained the attention of someone from the Netherlands (most likely a crawler or spider program) who has hit my site 1170 times. While some of these hits are for legitimate reasons, like listings for various search engines, most likely the large number of hits from the Netherlands is not for legit reasons.

Visitors or Hackers

In Wordfence, I can block a particular IP address, preventing that particular computer from visiting my site. Unfortunately, it is a temporary block if you have the free version.
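The two views described above (log in attempts and hits per address) can also be rebuilt from the web server's own access log. The following is an added example, not part of the original post and not Wordfence code; the log lines are constructed, and the thresholds and the 200/302 rule for telling failed from successful logins are assumptions about a stock WordPress install.

```python
import re
from collections import Counter

# Constructed sample lines in "combined" log format (documentation-range IPs).
def _line(ip, method, path, status):
    return (f'{ip} - - [12/May/2014:10:00:00 +0000] "{method} {path} HTTP/1.1" '
            f'{status} 1024 "-" "Mozilla/5.0"')

SAMPLE_LOG = "\n".join(
    [_line("203.0.113.7", "POST", "/wp-login.php", 200)] * 5    # repeated failures
    + [_line("198.51.100.20", "POST", "/wp-login.php", 200),    # one typo...
       _line("198.51.100.20", "POST", "/wp-login.php", 302)]    # ...then success
    + [_line("192.0.2.50", "GET", f"/?p={n}", 200) for n in range(40)]  # crawler
)

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "([A-Z]+) (\S+)[^"]*" (\d{3}) ')

def summarize(log_text):
    """Return (hits per IP, failed wp-login.php POSTs per IP)."""
    hits, failed_logins = Counter(), Counter()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        ip, method, path, status = m.groups()
        hits[ip] += 1
        # Assumption: stock WordPress answers a failed login with 200 (the form
        # is shown again) and a successful one with a 302 redirect.
        is_login = path.split("?", 1)[0].endswith("/wp-login.php")
        if method == "POST" and is_login and status == "200":
            failed_logins[ip] += 1
    return hits, failed_logins

def review_candidates(log_text, max_failed=3, max_hits=30):
    """IPs worth a closer look before blocking, with the reason for each."""
    hits, failed = summarize(log_text)
    report = {}
    for ip in hits:
        reasons = []
        if failed[ip] > max_failed:
            reasons.append(f"{failed[ip]} failed logins")
        if hits[ip] > max_hits:
            reasons.append(f"{hits[ip]} hits")
        if reasons:
            report[ip] = reasons
    return report

if __name__ == "__main__":
    print(review_candidates(SAMPLE_LOG))
```

A high hit count alone does not show bad intent, since search engine crawlers also produce one; the failed-login count is the stronger signal.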

In the premium version you get more advanced blocking features such as country blocking. This premium feature allows you to block any hits from a particular country or countries. You can do a simple blanket block, or you can customize the block so that legitimate users you know can enter your site.

As I stated before, I am still learning all the program’s features, so I can’t give a full review. However, I do urge you to take a look at this WordPress plugin.

XP Hack Not A Good Idea

Apparently there is a registry hack which is a “work around” that allows you to continue to get XP security updates. Well, not actually; instead it allows you to pull in Windows Server 2003 updates – which has similarities with Windows XP in its code. So in theory a portion of the updates should work on your Windows XP machine. However, there are also differences in the two operating systems, so not all the updates will work, and some could actually damage your Windows XP operating system.

My advice is not to use it. Disconnect your Windows XP machine from the internet and any network to which you are connected. You may not be able to surf the web or get email, but you have a machine you can use and your data is safe. When you have the money, either upgrade your XP machine or buy yourself a new computer.

For more information on the hack, you may want to visit Maximum PC’s article at:

http://www.maximumpc.com/microsoft_warns_against_using_registry_hack_allowing_windows_xp_receive_security_updates_2014

True Story – Hacker Using User’s Email Account to Steal

A person I know recently received a phone call from his bank asking him if he had sent a particular email. The email asked for some banking information but asked the reply be sent to a different email account. The bank was calling to see if the information was correct.

It turns out his email account had been hacked because of a poor password. Once the email account had been hacked, the thieves set up a rule in the account to send a copy of all emails to the email account they created. (He was using an account that uses an online version of Outlook to manage the email.) The thieves (or would-be thieves) were actually sending emails from his account to make the emails look legitimate.

So the lesson here is, if you have any account online, please use good passwords. Also, if you have accounts that use a mail manager that allows you to create rules or auto-forward email, check those rules periodically. You might find your email going to someone else.
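The periodic rule check recommended above can be scripted once the rules are available as data. This is an added example, not from the original post: the sample rules are constructed and shaped like the Microsoft Graph "messageRule" resource, and the function name audit_rules and the my_addresses parameter are hypothetical.

```python
import json

# Constructed sample, shaped like the Microsoft Graph "messageRule" resource
# (displayName, isEnabled, conditions, actions). All addresses are made up.
SAMPLE_RULES = json.loads("""
[
  {"displayName": "Newsletters", "isEnabled": true,
   "conditions": {"senderContains": ["news@"]},
   "actions": {"moveToFolder": "folder-id-placeholder"}},
  {"displayName": ".", "isEnabled": true,
   "conditions": null,
   "actions": {"forwardTo": [{"emailAddress": {"address": "Copy.Box@example.net"}}]}},
  {"displayName": "Send to my work address", "isEnabled": true,
   "conditions": {"subjectContains": ["invoice"]},
   "actions": {"redirectTo": [{"emailAddress": {"address": "me@example.org"}}]}}
]
""")

FORWARDING_ACTIONS = ("forwardTo", "forwardAsAttachmentTo", "redirectTo")

def audit_rules(rules, my_addresses=()):
    """List every rule action that sends mail to an address that is not mine."""
    mine = {a.lower() for a in my_addresses}
    findings = []
    for rule in rules:
        actions = rule.get("actions") or {}
        for action in FORWARDING_ACTIONS:
            for recipient in actions.get(action) or []:
                address = (recipient.get("emailAddress") or {}).get("address") or ""
                address = address.lower()
                if not address or address in mine:
                    continue
                findings.append({
                    "rule": rule.get("displayName", ""),
                    "action": action,
                    "sends_to": address,
                    "enabled": bool(rule.get("isEnabled")),
                    # No conditions means the rule fires on every message,
                    # the "copy of all emails" case from the story above.
                    "all_mail": not rule.get("conditions"),
                })
    return findings

if __name__ == "__main__":
    for finding in audit_rules(SAMPLE_RULES, my_addresses=["me@example.org"]):
        print(finding)
```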

 

Want to Know if Website Has Been Affected by Heartbleed

According to the Google Web Store, Chromebleed is an extension for Chrome that will check to see if the website you are using is affected by the Heartbleed bug. Below is the description from the developer.

Description

Displays a warning if the site you are browsing is affected by the Heartbleed bug

Many HTTPS-secured sites on the internet use OpenSSL. Unfortunately, a major vulnerability in OpenSSL was disclosed – known as the Heartbleed bug – yesterday that put hundreds of thousands of servers at risk of compromise.

Whilst some servers have been patched already, many remain that have not been patched. Chromebleed uses a web service developed by Filippo Valsorda and checks the URL of the page you have just loaded. If it is affected by Heartbleed, then a Chrome notification will be displayed. It’s as simple as that!

Please note that, in some jurisdictions, site testing can only be carried out with the express permission of the site owner. Please check what the law says in your local area before proceeding to download this extension.

The extension can be downloaded at https://chrome.google.com/webstore/detail/chromebleed/eeoekjnjgppnaegdjbcafdggilajhpic

Passwords: How Often?

In recent news, people are being told to change their passwords because of a flaw in OpenSSL, a program that makes internet connections secure. There is a lot of material out on how this system worked and how hackers exploited this flaw, so I am not going to rehash material that is already out there.

Instead, I want to focus on passwords themselves. In earlier blogs, I explained ways to create more secure passwords, the rationale for why you should use a different password for each account, and the advantages of using a password vault. However, I never visited the subject of how often you should change a password.

If you have a Microsoft live account, you may have noticed that they have an option, a checkbox you can click, to make you change your password every 72 days. If you work for a company where you have to sign in or log on to your work computer, you might have to change your password at least every 3 months.

The reason for changing your password from time to time is to close a security hole in cases where your password has been compromised. Essentially your password is a key to unlocking access to your account, like a key to your home. If someone has a copy of your key, he/she can enter your house at any time. They can choose to trash your home, steal your valuables, or collect information about you. Likewise, if someone has your password, they can damage files on your computer, steal funds from your accounts, or collect information on you and your business.

Changing your password is like changing your locks. This way, if someone is getting access because they have a key, changing the lock takes away the ability to use that key. The important thing when you change your password is that you do not use a similar password. For example, many people will use something like “ruMpl_stilskin!” and then change it to “ruMpl_stilskin!1” and then later to “ruMpl_stilskin!2”. A smart hacker will always check for those variations. (Side note: the same is true for home locks. If your lock has a similar pin configuration, aka key cut, as your old lock, a thief can use a technique that will make your old key work in the new lock.)
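The "do not use a similar password" rule above can be checked at the moment of a password change. This is an added example, not from the original post; the function name variation_reason and the 0.8 similarity threshold are assumptions, and the check goes slightly beyond appended digits to also catch small in-place edits.

```python
import string
from difflib import SequenceMatcher

_EDGE_CHARS = string.digits + string.punctuation

def variation_reason(old, new, min_ratio=0.8):
    """Return why `new` is too close to `old`, or None if it looks unrelated.

    Meant for the moment of a password change, when the user has just typed
    both values; a service that stores only password hashes cannot run this
    comparison later.
    """
    a, b = old.casefold(), new.casefold()
    if a == b:
        return "same password (ignoring case)"
    # "ruMpl_stilskin!1" -> "rumpl_stilskin": drop digits/symbols at both ends.
    stem_a, stem_b = a.strip(_EDGE_CHARS), b.strip(_EDGE_CHARS)
    if stem_a and stem_a == stem_b:
        return "same base word with different digits/symbols added"
    # Skip very short stems so that e.g. "cat" inside "concatenate" is ignored.
    if min(len(stem_a), len(stem_b)) >= 4 and (stem_a in stem_b or stem_b in stem_a):
        return "one password contains the other's base word"
    ratio = SequenceMatcher(None, a, b).ratio()
    if ratio >= min_ratio:
        return f"only a few characters changed (similarity {ratio:.2f})"
    return None

if __name__ == "__main__":
    old = "ruMpl_stilskin!"
    for candidate in ("ruMpl_stilskin!1", "ruMpl_stilskin!2",
                      "ruMpl_stilzkin!", "correct-horse-battery-42"):
        print(candidate, "->", variation_reason(old, candidate) or "accepted")
```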

Ok, so changing your password is a good thing, but how often should you do it? My rule of thumb: the more important the information, the more often you should change it. Does that mean you go crazy and change it daily? In my opinion, if it is so important that you need to change it daily, you should really look at a different way to store the information. In most cases, I think every 30 to 60 days is a reasonable timeframe. Again, if they are more sensitive, you should change them more frequently. I should also stress that you need to change every account's password periodically, even those with little information you need to keep secure.

There are times when you need to change all of your passwords immediately: in any case where at least one of your passwords has been or may have been compromised. The reason is that if the hacker had access to one account, he/she may have been able to collect information related to your other passwords.

Well, I am off to change my passwords yet again….