Title: Security Breach / Issues Last modified: August 30, 2016 --- # Security Breach / Issues * [cragga_lfc](https://wordpress.org/support/users/cragga_lfc/) * (@cragga_lfc) * [10 years, 9 months ago](https://wordpress.org/support/topic/security-breach-issues/) * I have had an issue it appears in which someone has tried to hijack my WordPress account and has really cause me some great concern, in which the attachment will illustrate the failed attempts. * I received this morning the following message: * “40 failed login attempts (4 lockout(s)) from IP: 185.93.187.69 * Last user attempted: luxor_admin * IP was blocked for 24 hours” * as part of my website i have a “user portal” in which users can create a user account. * Due to this email I am greatly concerned my website is under great threat and therefore would really like to seek your help / support. * I have applied a SSL Certificate as part of my website package in which I don’t know what this will do, but do you have any recommendations as to what I can do to ensure no more attacks take place on my website? * website = [https://www.luxor-estates.com](https://www.luxor-estates.com) * Thanks Viewing 3 replies - 1 through 3 (of 3 total) * [atomicjack](https://wordpress.org/support/users/atomicjack/) * (@atomicjack) * [10 years, 9 months ago](https://wordpress.org/support/topic/security-breach-issues/#post-6468519) * Hi there, * You may want to create a new Admin account with a more secure username, that doesn’t contain generic phrases such as “admin”. * Also ensure that you use a secure password. * On top of that, you could install a security plugin with bruteforce protection such as: [https://wordpress.org/plugins/tags/brute-force](https://wordpress.org/plugins/tags/brute-force) * [barnez](https://wordpress.org/support/users/pidengmor/) * (@pidengmor) * [10 years, 9 months ago](https://wordpress.org/support/topic/security-breach-issues/#post-6468535) * [@cragga_lfc](https://wordpress.org/support/users/cragga_lfc/) * I would also advise that you read and implement the advice in the [Hardening WordPress](http://codex.wordpress.org/Hardening_WordPress) codex, and also read into **username enumeration** and how to prevent hackers from identifying your username(s) through scans. * [https://wordpress.org/plugins/stop-user-enumeration/](https://wordpress.org/plugins/stop-user-enumeration/) [http://wordpress.stackexchange.com/questions/46469/can-i-prevent-enumeration-of-usernames](http://wordpress.stackexchange.com/questions/46469/can-i-prevent-enumeration-of-usernames) * Thread Starter [cragga_lfc](https://wordpress.org/support/users/cragga_lfc/) * (@cragga_lfc) * [10 years, 9 months ago](https://wordpress.org/support/topic/security-breach-issues/#post-6468551) * thank you so much those links have put my mind at rest and have implemented the suggested advice * thanks for your response Viewing 3 replies - 1 through 3 (of 3 total) The topic ‘Security Breach / Issues’ is closed to new replies. * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) * 3 replies * 3 participants * Last reply from: [cragga_lfc](https://wordpress.org/support/users/cragga_lfc/) * Last activity: [10 years, 9 months ago](https://wordpress.org/support/topic/security-breach-issues/#post-6468551) * Status: not resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics