We recently had a WordPress site with an active brute force hack attempt on it, and somehow I managed to think about recording what I was doing so I could show you all how this is done.
In this video I’ll walk you through EXACTLY what I did to shut it down, in real time:
– Identifying the hacker source
– Using the hacker IP address to block their progress
– Utilising Cloudflare WAF security rules to help prevent further issues
I’ll walk you through exactly what I am doing, as I go through looking the server stats to see what symptoms we see, the website logs and what I am looking for, then the steps I take to block the hacker at Cloudflare, and then other preventative measures we can put in place to help block this in the future.
We do not use a paid Cloudflare account to do this.
This Russian located hacker was fairly simple, and low tech, so it was a quick and easy one to shut down. Luckily!
Thanks for watching!
This video was originally published on the SixFive YouTube Channel where we make videos about how to manage Google Workspace and WordPress websites, and if you found this content useful please subscribe to the SixFive channel on YouTube.