Blocking a WordPress XML-RPC attack with the Linux kernel firewall.

One of our customers faced a large attack against his WordPress blog xmlrpc.php script. When I connected to his server, the CPU load was over 100.…

WordPress brute-force attack detection plugins comparison (2015 edition).

Following our 2013 benchmarks, we received quite a lot of requests to perform new ones and, this time, to include a category of plugins that wasn’t…

Many popular WordPress security plugins vulnerable to IP spoofing.

A WordPress user who was facing a small brute-force attack asked us for help. He was using a popular security plugin but, this time, his plugin…

WordPress brute-force attack protection in a production environment.

Following the benchmark tests that we published last year, this article will focus on NinjaFirewall in a production environment, facing two real brute-force attacks. The victim It…

WordPress brute-force attack detection plugins comparison.

Update: We released a new set of benchmarks in October 2015. Two benchmark tests will be performed against the 5 most popular security plugins whose description…