Few days back, my wife’s self-hosted WordPress blog was under Brute-force attack. Someone was relentlessly trying to get through the admin authentication page for almost 6 hours straight. I will give credit to a number of safeguards we have applied that kept the battle going so long. Based on the logs, it started somewhere around midnight while we were asleep and continued until early morning when an SMS notification on my mobile alerted me to put an end to it. When I told my wife about it, she wondered how on earth I came to know that her blog is under attack.
Talking about safeguards, the least you can do to secure your blog is to have a strong and unique password. I research a lot about password and share my findings on this blog. Go through this checklist to see if your password falls into the “weak” category. If you have a weak password, the battle will be lost much before it reaches Brute-force attack stage. I also wrote about various tools and techniques to generate and manage passwords and take the pain out of remembering the complex passwords.
There are a bunch of other things you can do to secure your blog/site. However, as the title suggests, we will focus on how to get SMS alerts when your WordPress site/blog is under attack. It takes around 15-20 minutes to set this up but it is well worth the effort.
To cook this recipe (no, I’m not talking about an IFTTT recipe here), you need two main ingredients.
- Google 🙂
- Limit Login Attempts plug-in for WordPress
We need to use number of Google services to cook it up. This includes Gmail (labels and filters), Google Calendar (notifications) and a Google Drive Spreadsheet with Google Apps Script to tie it all together. But first of all, you should install Limit Login Attempts plug-in for your self-hosted WordPress blog. This alone is good enough to give you a good night’s sleep. It is simple but powerful plug-in. You should read a short overview by wpbeginner (if you are in a hurry) or a detailed summary (recommended) by How To WordPress 2.0 about this plug-in.
If you have read any of the above posts, by now you must have understood that, Limit Login Attempt blocks the IP after a defined number of unsuccessful login attempts. It also provides an option to get email notification after a certain number of lockouts. Check this option to enable email notification to site administrator after 1 lockout so that you start getting notifications as soon as the attack begins.
As I mentioned Google in this recipe, I would recommend that your blog’s admin email account be managed by Gmail. So next, we need to configure your Gmail quickly.
- Create a new label in Gmail and call it “sendsms”.
- Now your Gmail is set. Every new email coming from [email protected] i.e. potential email notifications coming from Limit Login Attempts, will now have sendsms label applied automatically.
- Next, we need to setup your Google Calendar so that it sends you SMS for the new events.
- Open Google Calendar and go to Settings (Gear icon on top right corner).
- Click on Mobile Setup tab and complete the setup by selecting your country, mobile number and received verification code.
- You may create a new calendar or use an existing one. Go to Reminders and notifications for your calendar and check the SMS option for the new events. This will ensure that you get an SMS notification for every new event.
So essentially, what we are trying to bake here is that, for every email notification of lockout by Limit Login Attempts, we will create an event in Calendar upon which you will receive an SMS. How to make this happen? This is where this useful Google Apps Script from Tech Awakening is handy. This allows you to get SMS alerts for new and important emails on Gmail with Google Docs. This is what you need to do.
- Make a copy of this spreadsheet. Just click on the link and select “Yes, make a copy” when prompted.
- Select Tools and open Script Editor. This will open the Google Apps Script attached to this spreadsheet.
- Select Resources and go to Current projects’s triggers.
- We need to add a new trigger so click Add a new trigger link.
- Select Time-driven, Minutes timer and every minute and save it.
- You will get a pop-up asking for authorization. Click Continue to grant the necessary access.
- Now click close and save the trigger again.
That’s it, it is all done. From now on, this spreadsheet in your own Google Drive will be monitoring your Gmail account every minute. As soon as the email arrives, which qualifies the filter we have created earlier, our new label sendsms will be applied . For every new email with this label, a new event will be created in your calendar and you will receive SMS notification for it.