Had a conversation with Abhi from The Odd Blogger last week over Facebook after reading his great article about the Better WP Security WordPress plugin.
I had been using the WP Security Scan plugin, which isn’t as thorough but also can’t muck up your WordPress blog by locking down files or theme revisions too much, which can screw up plugins and other functions. But I installed Better WP Security and tested every option I could while minimizing risk, and one of the biggest benefits I got surprised me.
In Better WP Security there is a Login Limits feature which not only limits the number of login attempts by an account, but can also lock out the account for a set interval and indefinitely ban the IP address making the request after X number of lockouts.
It seems that on all my blogs a login attempt was being made every few hours, constantly.
These came from more than 1 IP address, and I can’t find the source. I wish the plugin would report which account or ID the login was attempted with: admin (I don’t have a generic admin account) or some other valid contributor/subscriber/admin account.
This does tell me, though, that you are better off using this plugin because these could be brute force attack attempts to compromise your WordPress blog. It could also be a paid blogging system I signed up for and gave access to publish to my blog remotely. If you use MyBlogGuest or SocialSpark and grant publish access to your blog, only to change the password of the account you set up, then you will see the same issue. In these attempts, however, it was nothing I could identify, so I am glad the IPs were eventually banned.
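The Login Limits behaviour described above (attempt limit, timed lockout, permanent ban after repeated lockouts) can be replayed offline against a web server access log to see which IPs would have been locked out or banned. This is an added example, not code from the plugin or from the original post; the thresholds, function names and sample log lines are assumptions, and it treats a 200 response to a `wp-login.php` POST as a failed login.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed policy values; the plugin's real settings are not given in the post.
MAX_ATTEMPTS = 3                  # failed logins allowed inside WINDOW
WINDOW = timedelta(minutes=5)     # period over which failures are counted
LOCKOUT = timedelta(minutes=15)   # length of a temporary lockout
MAX_LOCKOUTS = 2                  # lockouts before the IP is banned for good

LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "POST /wp-login\.php[^"]*" (\d{3})')

def parse(lines):
    """Yield (time, ip) for wp-login.php POSTs answered with 200.
    Heuristic: WordPress redirects (302) on success, re-renders the form (200) on failure."""
    for line in lines:
        m = LINE.match(line)
        if m and m.group(3) == "200":
            yield datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z"), m.group(1)

def apply_policy(lines):
    """Replay failures in time order; return ({ip: lockout_count}, banned_ips)."""
    recent = defaultdict(list)    # ip -> failure times still inside WINDOW
    locked_until = {}             # ip -> end of current temporary lockout
    lockouts = defaultdict(int)
    banned = set()
    for ts, ip in sorted(parse(lines)):
        if ip in banned or locked_until.get(ip, ts) > ts:
            continue              # request would already have been rejected
        recent[ip] = [t for t in recent[ip] if ts - t < WINDOW] + [ts]
        if len(recent[ip]) >= MAX_ATTEMPTS:
            recent[ip] = []
            lockouts[ip] += 1
            if lockouts[ip] >= MAX_LOCKOUTS:
                banned.add(ip)
            else:
                locked_until[ip] = ts + LOCKOUT
    return dict(lockouts), banned

def sample_log():
    """Constructed log lines using documentation-range IPs, not real traffic."""
    fmt = '{ip} - - [10/Mar/2013:{t} +0000] "POST /wp-login.php HTTP/1.1" {code} 3120'
    rows = [("203.0.113.7", "02:00:0%d" % i, 200) for i in range(3)]   # lockout 1
    rows += [("203.0.113.7", "02:05:00", 200)]                         # during lockout
    rows += [("203.0.113.7", "02:30:0%d" % i, 200) for i in range(3)]  # lockout 2, ban
    rows += [("198.51.100.4", "03:00:00", 200), ("198.51.100.4", "03:00:09", 302)]
    return [fmt.format(ip=ip, t=t, code=c) for ip, t, c in rows]

if __name__ == "__main__":
    print(apply_policy(sample_log()))
```

A standard access log does not record the POST body, so this shows which IPs were involved and how often, but not which username was tried.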
If you haven’t started looking at Better WP Security for WordPress, you should check it out, and I highly recommend you read Abhi’s article here: http://oddblogger.com/best-wordpress-security-plugin/
Be warned, some settings could cause serious issues, so pay attention to Abhi’s article and always take backups of your files and database before making changes.