Fixing brute force login attempts in wordpress websites

Category : security

Brute force attack on wordpress website comes from 2 ways.

1) Through “xmlrpc.php”
Solution -> Add a plugin (https://wordpress.org/plugins/disable-xml-rpc/) for disabling it. Don’t do this manually by custom code because we don’t want it to be disabled completely. It is used with some plugins such as “Jetpack”.

Source of solution -> https://www.hostinger.in/tutorials/xmlrpc-wordpress

2) Through “wp-login.php”
Solution -> Add a plugin (https://wordpress.org/plugins/protect-wp-admin/) for hiding WP Admin.

Usage of xmlrpc file -> https://www.hostinger.in/tutorials/xmlrpc-wordpress

The combination of these 2 plugin will solve brute force login attempts issue.

July 7, 2019July 13, 2023

Explainer Videos – Don’t just tell me how. . .show me how.

Category : General

Showing a client or team member what needs to be accomplished can save you time, supplement and enhance your asana task description, or replace the description completely.

Google Analytics – Exclude URL Query Parameters

Category : Google Analytics

FCL was running a massive promotion of Penn State Nike shoes in July.

PIC set up a few Facebook ads linking to the product. When reviewing the metrics in GA’s Landing Page report, separate landing pages were registering for users due to Facebook attaching the ?fbclid parameter onto the ends of URLs.

To cleanup the Landing Page report, go into Admin > View Settings > Exclude URL Query Parameters. Then, add fbclid and click save. This will force all future sessions with the fbclid parameter to fall under the correct URL.

Review the Landing Page Report in GA and filter for “containing ?” to see if there are additional parameters to be excluded for clients (HubSpot is a major culprit here).

Link: