If you’ve noticed an influx of brute force attacks on your site, you’re not the only one. Sucuri is reporting that brute force amplification attacks are targeting WordPress sites with XML-RPC enabled. In a nutshell, XML-RPC contains a system.multicall method which allows developers to execute multiple methods and commands inside a single request. What is…
Last August, Automattic acquired Parka, LLC, the makers of the BruteProtect security tool for WordPress, with the goal of integrating its features into Jetpack. The services provided in BruteProtect Pro were subsequently offered for free. Jetpack 3.4 was released today with brute force protection available to users via a new module called Protect. You can…
In this weeks show, Marcus Couch and I are joined by the founder of BruteProtect, Sam Hotchkiss. We learn the circumstances which lead to the birth of BruteProtect and how it operates. Hotchkiss explains the details of the acquisition with Automattic and how it will be rolled into Jetpack. While some people are not happy…
The parent company of BruteProtect, Parka, LLC has been acquired by Automattic for an undisclosed amount. BruteProtect is a service providing brute force login protection for thousands of WordPress sites. The BruteProtect plugin will be phased out and rolled into Jetpack and will remain free to use. The services offered by BruteProtect pro are now…
This episode of WordPress Weekly featured a panel of four individuals helping to make the web a safer place. Chris Wiegman – Lead Developer of iThemes Security Regina Smola – Founder of WPSecurityLock Brennen Byrne – Founder and CEO of Clef Sam Hotchkiss – Founder of BruteProtect We discussed a number of topics such as…
Earlier this month, we interviewed Dre Armeda and Tony Perez of Sucuri.net to talk about WordPress security. Both guests shared information from a services perspective. We received a lot of positive feedback on the amount information presented in the episode. We’re going to turn the tables and discuss securing WordPress from the perspective of using…
Security company Wordfence is reporting that the large distributed brute force attack on WordPress sites is starting to subside. On the morning of February 10th, employees noticed a large increase in the volume of attacks. Their real-time activity map was showing so much activity, they had to throttle the amount of data displayed. I asked…
BruteProtect, the cloud-powered brute force attack prevention service that we wrote about back in July of 2013 has successfully closed a seed round of venture capital funding with a private angel investor in California. Jesse Friedman who previously worked for Astonish, has been hired on as the director of innovation. BruteProtect is looking to hire…
I recently received a hat tip from a happy user of the BruteProtect plugin and decided to give it a try myself. The only configuration that is necessary for BruteProtect is to apply a free API key to communicate with the service. If you’re using the Limit Login Attempts plugin to block unsuccessful login attempts,…