Web
Analytics
Connect with us

Security

How to Protect Site from DDoS?

Published

on

How to Protect Site from DDoS?

Right now, with the advancement in technology; the “bad guys” have more opportunities to “prove themselves.” Especially when it comes down to the cyberspace.

So well that's one of the reasons why I'm writing this piece today, where I'll be explaining to you how to protect  site from DDoS attacks. Well of course before that, it's a good thing for us to take a sneak-peek into what DDOS exactly is, huh?

If you have a WordPress Website, make sure you have created WordPress backup because attackers can easily attack any website. You can easily Restore WordPress backup.

What is DDOS?

How-to-protect-site-from-ddos

DDOS is just a kind of attack that has the capabilities to get your server down and hence, as a result, your site won't load, simple as that.

But if you want a better explanation, well then the full form of DDos is- Distributed Denial of Service attack, and it is an attack which consists of sending more request to your server than it can handle, which in turn causes the server to crash.

There are more than a single variation of DDoS attacks, although DDoS is often confused with Brute force attack, they both are entirely different.

A brute attack is only trying random set of passwords for admin access while a DDoS attack can bring a website down completely.

How to Stop a DDoS Attack?

I've covered anti-DDoS protection tactics right down here, so keep reading.

Well, Cloudflare is a great, easy to use, an online tool that would come to your rescue if a DDoS is being attempted over your site.

Note – When under attack, visit the following URL https://www.cloudflare.com/under-attact and it will help you fight the attack and bring your site down to normal.

How to Protect a Site from DDoS:-

Start with analyzing you Hosting server; you should choose a hosting based on reviews and functionalities, not by their price.

No doubt you are very familiar with many hosts which provide hosting for $2 per month, well sure it is not going to be blazing fast and cut the mustard.

Managed WordPress hosting is way better when it comes to secure hosting.

Well, a good place to start is by verifying the level of control you've got along with your servers.

Majority of them will offer:

  • A managed WordPress hosting
  • Daily or weekly backups
  • Automated security update
  • 1-click restore options
  • automatic caching
  • top tier security

No matter which host you decide to go with, you should check the following if they offer it.

  • Run stable versions of server software and patch as necessary
  • Have an option or auto Enable a server-level firewall
  • Let you make a backup or restore site or database quickly
  • Intrusion detection

Hosts which provide managed WordPress hosting (such as wp beginner or wp engine for example) uses caching.

A CDN passes the catching; that is a pretty good deal.

 Setup WordPress Using W3 Total Cache with a CDN:=-

However, if you are running on a host which is not managed, you can implement a CDN network and a caching plugin (w3 total cache for such purpose).

CloudFlare is the most popular. The traffic has to pass through the CloudFlare servers, and the attacks will be absorbed by the Cloudflare’s extra layer. You can see this guide to add/remove Cloudfare on your Website.

How-to-protect-site-from-ddos

When someone tries to access the website they might see this page. So make sure your traffic is from real people and not bots or some kind of traffic tool.

How-to-protect-site-from-ddos
Managed hosts (such as WPEngine for example) use caching which is passed through a CDN, so if you do not aspire to use a managed WordPress host, then do consider implementing a CDN alongside a caching plugin such as W3 Total Cache

Both are easy to set up and from that point of the time, all your traffic will be passed through the CDN caches as well as passing through an SSL (secure socket layer/ TLS).

You can seek the information from maxcdn, in case you need help. They have a pretty good visual guide.

How-to-protect-site-from-ddos

More precisely you'll learn the following, What is a CDN? How SSL Works.

If you have your website hosted on a shared server, it is easiest for the hosts, but it does not guaranty a most secure environment . In case, VPN and dedicated server tend to give more control.

Here are the ways to bulletproof your WordPress website. (most of the following are for advanced users (you should be familiar with admin tasks and coding).

So if you are shouting out ‘No I am not' then ask your Web developer to do it for you.

Opt for Automatic Updates:-

Make sure to get updates automatically in WordPress; you will get minor automatic updates. However, make sure to backup your website in case something goes wrong, and cause your site take out

Make sure to get updates automatically in WordPress; you will get minor automatic updates. However, make sure to backup your website in case something goes wrong, and cause your site take out.

Note: you need to add a line to your “wp-config.php” file to let major updates get installed automatically.

#Enable all core updates, including minor and major:

define ( ‘WP_AUTO_UPDATE_CORE', true );

There are few plugins which allow you getting daily updates, make sure you get them if you're serious about your security.

Using .htaccess to Strengthen Your Security:-

You need a strong enough .htaccess file if you're going to get anywhere with all of your security measures. And well a good way to do that is:-

#Protectwp-login

AuthUserFile ~/.htpasswd
AuthName “Private access.”
AuthType Basic
require user mysecretuser

Next, time you when you log in, it will open a prompt display, and you'll be required to input your username and pass. Afterward, you need to log in the standard login screen of your WordPress website.

Obviously, use a different password for both. Or else what's the use, huh?

One more advice is to delete the username ‘admin' and make a new one with different that ‘admin' username. This changes your Wp login directory URL and gives you an edge.

WordPress Security Plugins:-

Yes, you can, of course, use WordPress Security Plugins. At the time when you do install the security Plugins check their update timing, they should frequently be updated. Check their reviews and users rating.

Cut down Plugins you are not using, often check to figure out unwanted Plugins and themes, they sometimes lead to over-cluttered memory usage anyway.

Use Plugins to Stop XML-RPC Abuse:-

Well, you don't need to get into technicalities. Because that would require me to go on talking about all the critical terms and methodologies of what XML-RPC abuse exactly is.

What you do need to concern yourselves with is, if you want a secure future from Distributed Denial of Service ( DDoS ) attacks, get the following plugin.

Disable XML-RPC Pingback

It stops the hackers from doing certain things to your website which you don't want to be done, simple as that.

What this exactly does is,  stop your xmlrpc.php to be hit. (I hope that's enough “hacking” class for today, right?)

Ah, make sure you've got WordPress 3.8.1 or higher before installing that.

Conclusion

Securing your website should be your first step, always keep frequent backups of your website data. Avoid DDoS attacks by utilizing the given tips in this guide. If you are using WordPress themes, make sure you are not using nulled themes which may have infectious code that can leak all the credentials to attackers. Customizing WordPress themes are really easy and any skilled attacker can easily inject code in such themes.

Don’t use pirated plugin or themes. Using the combination of the following instructions will make your WordPress website safe so you now can sleep in peace without the need to stress on how to protect site from DDos attack right? Hope it helped.

Evan Derek is the Founder and Chief SEO Analyst @ VebbLabbs. Specialising in Affiliate Marketing and helping newcomers to make it a stable profession in the online world, he boasts 6+ years of experience in the industry. 19 year has he spent on this planet successfully, and plans on spending atleast 50more !

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Security

How to Reset Windows Password Without an Installation CD

Published

on

How to reset Windows Password without an installation CD

Password – one word with a huge meaning in our life nowadays, because daily we use lots of sites over the internet. To remember all login passwords is not an easy task but browsers are giving the facility to remember them. What, when you forgot your Windows Password?

Reinstall the Windows Copy? That's not a good idea because there are many ways to reset Windows Password. And right now you don't have the installation CD, in this case also there is no need to worry.

Today, I am gonna show you a tutorial on “How to Reset Windows Password without an installation CD”. So, below is the step by step guide on How to Reset Windows Password without an installation CD, just follow it and reset Windows Password easily.

Step by Step Guide on:

How to Reset Windows Password without an installation CD

Step 1:

Firstly, you have to download the Offline NT Password & Registry Editor and make a boot disk using ISO image which you have downloaded.

Step 2:

Boot your PC from the boot disk and you will see below image on your screen. On-screen, it asks if you want to select the first partition (Windows installed partition) then “1” is already selected, so just hit Enter.

Step 3:

The next screen will appear to choose the path to your registry. The default is fine don't need to change it, so just hit Enter.

Step 4:

Now, the screen will appear displaying Password reset and many other options, don't do anything because “1” is already selected so now also just hit Enter.

Step 5:

Here you will be prompted, whether you want to edit users or the registry. You want to edit user passwords, so hit Enter again.

Step 6:

Now, comes the main part and please don't hit enter again (Just Kidding). The screen will show usernames which are available on your PC, so you have to enter that username for which you want to reset Windows password and now you can hit enter.

Step 7:

The next screen will show some advanced options no need to worry because you have to blank the password by selecting the “1” option and that's probably been already selected so just hit enter and get reset Windows Password.

Step 8:

And now, you’ll have to save what you just did. So type an exclamation point to quit (or the “!” symbol), then type the letter “y” to save all your work. Now you can reboot your computer and of course, you will able to login into Windows without any problem.

The above is the complete guide on How to Reset Windows Password without an installation CD. If you face any problem in resetting your Windows Password then put your problem/query in below comments section via the comment form.

So, that we can help you to get rid of that problem as early as possible.

Continue Reading

Security

How to Password Protect WordPress Admin Directory

Published

on

How to Password Protect WordPress Admin Directory

Recently, I have written a tutorial on “How to install WordPress using Fantastico”. Now, I hope that you all know how to install WordPress. After installing WordPress, now it's the time when we have to think about security.

And how to protect our blog from malicious attacks and deface attacks. WordPress does not provide security automatically, we have to take some measures to prevent our blog/website from being Hacked.

So, today we are traversing towards the first step of security by showing a tutorial on “How to Password Protect WordPress Admin Directory“. WordPress Admin Directory is nothing but a “wp-admin”, which enables you to login into WordPress.

By protecting this directory you will cover an extra layer of authentication for security purposes. So, in this article, we will show you a Step by Step guide on “How to Password Protect WordPress Admin directory“.

Step by Step Guide on:

How to Password Protect WordPress Admin Directory

Step 1:

Login to your cPanel. Scroll down the screen and find a section that includes a title as “Security” and in that section, you will find an icon named “Password Protect Directories“.

Step 2:

Click on that icon and then the screen will be appear asking for directory location. Now, click on the web root and then navigate to the folder where your WordPress is hosted. Then click on the /wp-admin/ folder. You will see a screen similar to the below image:

Step 3:

Afterward, in that open screen you have to simply check the box to Password Protect WordPress Admin Directory and in “Name of the protected directory” – you can put the desired name of your choice and no need to remember that name.

Step 4:

Then, in that open screen only you have to fill “username & password” and you have to remember it. Hurray! You have enabled Password Protect WordPress Admin Directory.

Step 5:

Now, When you try to login in WordPress or when you try to access your wp-admin directory, then you will see an Authentication Required box, shown in the figure below:

To Fix Too many redirects loop error

Sometimes it may happen that after you have the Password Protect WordPress Admin Directory when you try to login into WordPress account then it will show “404 Error or Too many redirects loop error“.

To fix this issue, open your main WordPress .htaccess file (cPanel > File Manager) and add the following code there before the WordPress rules start.

ErrorDocument 401 default

And your problem will be solved, now try to login to the WordPress account.

I hope you have understood and now you can Password Protect WordPress Admin Directory.

If you have any problem then don't hesitate, just put your problem-related comment via below comment form and we will surely help you resolve your problem.

Continue Reading

iOS

How to Restore Disabled Apple ID?

Published

on

how to restore disabled apple ID

Apple Inc. is a Software and Electronics company that stands at the forefront of technology and technological innovation. Based out of Cupertino, California, it specializes in developing and selling consumer electronics, software and web-based services.

Founded in 1974 by Steve Jobs, Steve Wozniak (the Woz) and Ronald Wayne, Apple is best known for innovating the personal computer, the smartphone (iPhone) and the iOS operating system; the company has created a brand image as an innovator of technology and excellence in their products.

Through the years Apple products have ranked as the most premium and top-end products, making it one of the most important and popular companies in the world today.

Having an Apple ID is very important for Apple gadget owners. And when it gets disabled, users are clueless about how to restore disabled Apple ID Ids are a common problem these days.

What Is My Apple ID?

For those who own Apple products like the Mac and iPhone, the Apple ID is a focal point of their interaction with the product. Acting as an all in one account for all your Apple device needs, it gives you access to features like the iCloud,iBooks and App Store.

Although by default it requires you to put in your credit card details to make it work, you can skip this little compulsion by trying to download a free app from the app store and clicking ‘skip’ when asked to put in your credit card details.

Your Apple ID stores important information and back-up data from your phone and Mac to make the experience of using Apple products easier and better.

You create an Apple ID when you buy your first Apple product, and it stays active for life so that any info or settings from your previous Apple products can be synced and your usage preferences reused to enhance your Apple experience.

How to Find My Apple ID?

To find your Apple ID, open up your iPhone or iPad and go to settings. Open the iCloud app and you should find your Apple ID written down there.

If you’ve completely forgotten your password and aren’t logged on, consider going to the iForgot web site (www.iforgot.apple.com) and entering your Email ID or Username to recover it.

Why Is My Apple ID Disabled?

Sometimes, however, your Apple ID can be disabled. This happens when:

  • Security password is incorrectly entered multiple times.
  • The security question is incorrectly answered several times.
  • Apple detects a security threat or hack of your Apple ID.

So, if you are thinking “Why is my Apple ID disabled?”Apple Inc. takes security very seriously, and it’s proven this time and again, most recently with the controversy, it created with the FBI.

If your Apple ID is disabled, it’s usually because they feel that your account is under attack by hackers. When this happens, you should see one of these notifications based on the device you have:

  1. “This Apple ID has been locked for security reasons.”
  2. “This Apple ID has been disabled for security reasons.”
  3. “You can't sign in because your account was disabled for security reasons.”

Whatever the relevant case is, re-enabling your Apple ID is relatively simple. But there’s a catch to this too. If you fail to unlock your Apple ID multiple times, it will block access to the unlocking system, and you will have to wait for the cool-down timer to try again; this typically takes about 24 hours.

Step by Step Guide – How to Restore Disabled Apple ID

The procedure, however, is pretty simple. All you have to do is:

  1. Open Apple Safari in your Mac or iPhone.
  2. Visit Apple’s iForgot website at iforgot.apple.com
  3. Fill out your First Name, Last Name and Current E-Mail ID in the form that appears on the site.
  4. Click ‘Next’; this will take you to the two-step verification screen.
  5. If you have two-step verification enabled, you’ll need to enter your Recovery Key; if not – skip to the next step. If you don’t have your Recovery Key, generate a new one by using your phone number. Once you’re done with this, enter the number and click ‘Next’.
  6. Enter your verification code on the next screen and press continue
  7. Apple will then ask you to reset your password – enter your new password and confirm it in the relevant boxes and click Reset on the form.
  8. Your Apple ID is now re-enabled.

Good Job! Your Apple ID is not re-enabled. You can log in from your devices again to start re-syncing data as you go!

Your Apple ID has a lot of things plugged into it, so remember to re-enable these syncs individually by opening the apps at least once. These include:

  1. Your iCloud Account – The app that syncs all your photos, videos, documents and allows you to share them easily and quickly.
  2. Your iFamilyAccount– The family extension of your Apple ID, where up to 6 people can share the same ID for music, apps and other Apple App Store related expenses.
  3. Your iTunes Account– The place where every Apple audiophile gets their music fix.
  4. Your Find my Phone Account – The GPS locator that helps you to find your phone in case you misplace or lose it.
  5. YourApp Store Account– Where you can download apps for your iPhone, iPad and other Apple products.
  6. YourFacetime Account – Apple’s patent video chatting and conferencing tool.
  7. Your iMessage Account – The easy way to send messages to your other friends who use Apple Products (especially the iPhone)

But, that’s not all! There are plenty that you might be using that need login as well. So, go through all the relevant apps and start the re-sync process.

Well, that’s all we have to say about Apple Inc. and its account recovery options. Use your Apple ID carefully in future and keep your Username and Password saved somewhere safe to make sure that this problem is never triggered again (by you at least).

We had a great time compiling this info about how to restore disabled Apple ID for you. If you have anything to say, post in the comments section below, and we’ll get back to you as soon as we can. Good luck and have fun!

Continue Reading

Security

How to Block Pop-Ups on Google Chrome

Published

on

 Pop-ups are annoying, ain't it? You open up a website, a freaking pop-up pops in. A damn irritating moment it is. If you face similar kind of irritation with the pop-ups then you must have thought that How do I stop pop-ups?.

If you have thought so, then you are in the right place.
In this article, we will let you know how to block pop-ups? And how to unblock pop-ups? (In case if you need it).

So let's get started with a simple question “What are pop-ups?”.

What are Pop-ups?

Pop-up ads or Pop-ups are a form of advertising method with a prime objective to drive traffic, collect subscriber emails and others.

Pop-ups were originated in the late 1990s. Usually, pop-ups are generated using JavaScript, though there are many other methods too it is the most widely used method.

How to block pop-ups?

Google chrome is a widely used browser developed by Google. So, we will be carrying on the tutorial with Google Chrome browser and will equip you with the knowledge of “How to block pop-ups on Google Chrome?“.

Method #1: Enabling chrome’s pop up blocking feature.

Step#1: Click on menu icon with 3 horizontal lines caged in a square box-like structure,  positioned at the extreme right corner of the chrome screen and then click on settings, that is Chrome menu icon -> Settings.


Step #2: At the bottom, there will be a link named “Show advanced settings…”. click on that.

Step #3: Under the header name “Privacy” click on the button named as “Content settings” positioned just below the Privacy.

Step #4: After clicking content settings, you will be redirected to a menu with content settings as its heading. Scroll down and look out for a section named as Pop-ups. Click on the checkbox next to which “Do not allow any site to show pop-ups(recommended)” is written.

Step #5: Click on Done and Oila!! You just made it and got the answer for “How to block pop-ups?“.

Additionally, you can also manage exceptions as if you just want to block some certain sites from showing pop-ups then you can easily do that.

Just click on the Manage exceptions… section and then type in the name of the website and then choose the block option from the drop-down menu and then click on done.

Method #2: Installing Ad-Blocking Extension.

Alternatively, you can also use existing chrome extensions in order to meet out a solution for “How to remove pop-ups?“.

Step #1: Click on the menu and then Settings.


Step #2: Click on Extensions option positioned at the extreme left just below the History option.

Step #3: Click on “Get more extensions” link at the bottom.

Step #4: Find for a suitable ad-blocker extension, there are a plethora of them. For the sake of simplicity, we are installing “Adblock plus”. Click on Adblock plus and then click on add to chrome and whoa!! You are done.

How to allow pop-ups on Google Chrome?

Step #1: Follow the first 3 steps of Method #1 under the section “How to block pop-ups on Google Chrome?”.

Step #2: Look out for Pop-ups section and click on the checkbox next to which “Allow all sites to show pop-ups” is written.

Step #3: Click on Done and you know what you just allowed pop-ups in your browser.

Moreover, Google Chrome also facilitates the user with a facility to manage exceptions, that is if the user wants certain sites to show pop-ups then the user can easily do that.

One just has to click on the Manage exceptions button which is the subordinate of the Pop-ups section and after clicking on that, the user is required to type in the website address and have to choose to allow from the menu and then click on done.

This brings us to the end of this tutorial. We hope that we were able to meet up your queries regarding “How to remove pop-ups?” and “How to enable pop-ups?“.

If you still have any other queries regarding this topic, do let us know through comments, we will be glad to help you with that.

If you like this tutorial and think that it added a worthwhile value to your knowledge base then kindly share it.

Thank you for stopping by and giving it a read.

Continue Reading

Security

How To Find And Change WiFi Password

Published

on

Passwords have been into existence since the early days of computing and since then, passwords are playing a pivotal role in terms of security.

In this internet-infused era, securing your WiFi against unauthorized access is a major concern. So, securing your WiFi is a section where you should pay the utmost heed. you can take the following measures in order to secure your wireless network[Bonus Tip]:

1: Use a strong password.
2: Change the password, time to time.
3: Restrict access by MAC address.
4: Use good network encryption.
5: Never broadcast your SSID.

Sometimes, it may happen that for the sake of securing your wireless network, you end up adding a very strong and long password to your wireless network and there is a probability that you lose it or forget it.

So, in this case, there is a number of methods to recover, find and change WiFi password.

In this tutorial, we are going to make you aware of some of those methods with which you can equip yourself with the knowledge of how to change WiFi password?

How to find and change the WiFi password?

Windows is a widely used operating system. So, this tutorial has been knitted around the different versions of windows operating system like Windows 7, 8.1, 10.

How to find the password in windows 7?

Step #1: Click on the wireless network icon positioned at the lower right corner of the taskbar.


Step #2: Right click on your wireless network name (Here: Connectify-me123) and select properties from the option.

Step #3: After clicking on properties, a dialogue box will appear. Your password is hidden as black dots, next to Network security key for safety concerns. In order to view the password, click on the checkbox next to which show characters is written.

How to change the password in windows 7?

Follow till step 3, change the password in the Network security key section and then click on OK.

How to find the password in Windows 10?

Step #1: Click on Start, select settings.


Step #2: After clicking settings, click on the Network & Internet.


Step #3: Select the network connection you want to join and select connect.


Step #4: In the task bar’s search box, enter view network connections, and then select view network connections.


Step #5: In the network connection window, select your wireless network connection, right click on it and then select a status option.


Step #6: After clicking on the status option, a dialogue box will open up. Click on wireless properties.


Step #7: After that click on security. Your password is next to the Network security key section. In order to view that, click on the checkbox next to which Show characters are mentioned and here you are with your password.

How to change the password in windows 10?

In order to change the password of your wireless network connection, follow until Step 7 and replace the existing password by entering your new password next to the Network security key section.

How to find the password in Windows 8.1?

Step #1: Swipe in from the right edge of the screen and select Search.

Step #2: In the search bar, enter Network and sharing centre and select it from the search results.

Step #3: Click on the Change adapter settings at the extreme left corner.

Step #4: Select your wifi network, right click on it, select status.

Step #5: In the Wi-Fi Status dialogue box, click on Wireless Properties>Security>check box next to Show characters.

How to change the password in Windows 8.1?

If you wish to change password, then you can easily do that. Follow the steps till 5 and then just enter your new password, replacing your old one and then all that you have to do is to click on OK button.

Find default password on your hardware.

You probably might be looking for the default password of your wireless router. In this case, try contacting your internet service provider or your router manufacturer.

In many cases, the default security key is also mentioned at the bottom of the router of the router’s documentation module.

You can look out for the terms like:
Network security key.
Security Key.
Wireless key.
WPA key.
WEP key.
WPA2 key.

Alternative method.

You can also use a third party password recovery tool to find and change your password. you can find a plethora of such tools on the internet.

For example, there is a tool by Nirsoft and is named as WirelessKeyView. It shows you the password after going through the windows registry.

This marks the end of this tutorial. Do we hope that we were efficient enough to satisfy your curiosity to know how to change the WiFi password? or how to find a WiFi password?

If you liked this tutorial or it added a worthwhile value to your intellect, then kindly share it among your base.

If you have any query regarding this subject, feel free to let us know through comments. We would love to help.

Thank You for stopping by and giving it a worthy read.

Continue Reading

Trending