Google, Facebook, Twitter, LinkedIn and many other sites have two factor authentication. And I also want to have it in some of my projects.
While searching the internet, I found many solutions. All of them are somehow complicated or stuffed with unnecessary features for me. I want fast and simple solution. So I made my own.
I use Google Authenticator on my phone and QuickAuth on my Pebble Time smartwatch.
These apps generate 6 digit TOTP (Time based one-time password) for ...Read more
Few days ago I've created a solution to block wp-login.php bruteforce attacks. After implementing it to the several sites the logs now are filled with a new phenomenon.
Confused hackers, knowing that site is on the wordpress platform, try to find if this wp-login.php file is moved somewhere. And they actually scans all possible combination of paths on the site. Luckily this doesn't affect on the server's resource as hard as bruteforce attack. It's much easier to ...Read more
I'm maintaining a lot of Wordpress based sites. And almost daily there is some brute force attack on one of them. The target of these attacks is wp-login.php file. There is a lot of solutions to protect this file by limiting an access to it using separate password or manually adding allowed IP address. And changing them all the time is not an option for me.
So how I solved this? By automagisation! ;)
Main point is to modify .htaccess file to have access rules ...
Have you been or are you in this situation:
Yes? So, why on earth you want to wrap your already wrapped Christmas presents into another paper?!
If you don't know what are you doing, read next carefully ...Read more