Why is someone trying to log into my WordPress site?


Always make sure your security ‘cannons’ are ready to fire! Left unchecked, anyone can keep trying your password until they eventually figure it out. And once they’re in? Odds are, they are trying to show ads to your readers, serve malware, or maybe redirect traffic to their site, any of which can get your site blacklisted.

It’s helpful to enable email alerts so there’s a notification when someone is locked out of your site, and to routinely check the “bad login” logs. Here’s a few plugins that can help with that:

  • You can use iThemes Security, a free plugin, to limit common attacks.
  • If you’re already using Jetpack, turn on the “security” option for a more effortless option.
  • Activity Log is great for monitoring site logins and updates.
  • Admin IP Watcher emails you when a new IP address logs in.

What are these hackers/spammers doing? Sucuri takes you through what they’re up to and how to fix it.

As always, please contact me if you’d like recommendations on how to keep your own site in tip-top shape.