Tristan’s Cybersecurity Substack

SIEM / SOC / MDR

SIEM 102 — Detect WordPress bruteforce

Tristan Dostaler
Nov 12, 2024

Why we need to detect WordPress bruteforce attacks

WordPress is one of the most popular content management systems (CMS) and website servers in the world. It handles “more than 30%” of the websites on the internet. Because of this, bad actors are very interested in finding ways to take control of WordPress sites.

One of the easiest ways for them to achieve this is to bruteforce the login with common username and password combinations, including ones from past leaks. This strategy works because, by default, WordPress doesn’t protect against bruteforce attacks.

How do we detect a WordPress bruteforce attack

In the WordPress world, there are many ways to handle bruteforce attacks, as this is rather simple to detect. But because we are in the SIEM series, I’ll talk about how to detect the attack using a SIEM.

© 2025 Tristan Dostaler