• I am really at the end of my rope with hackers. I don’t know what next to do so I am creating this thread so those who might have had success can post to it and help others.

    As for myself I have done everything I can think of besides paying a service to keep these hackers out of my sites. I have Sucuri set up on all my sites along with limit login attempts plugin. I keep my sites up to date and all plugins up to date. I have other plugins backing up my site every night. I currently have 6 client sites running. To my knowledge only one of them got hacked over two years ago and I cleaned that up and it has been good since.

    So, I have Sucuri and LLA plugin set so they send me notices of when someone tries to log in to any of my sites. MY GOD…every day nearly all my sites are hit 50-100 times with someone or a bot trying to log in to my site. It is ridiculous to say the least and very nerve-racking! So I suppose that every WordPress site goes through this on a daily basis, just some don’t know about it? Is that safe to say at this point?

    So, I decided to do some research on the good ole web and found one article that made sense to me. It said create an .htaccess and .htpassword file to protect the wp-login page! “Genius,” I thought… “If they can’t get past that (bot or human) then they can’t try on my regular wp-admin login page and they will all go away.” So, I picked one of my sites and set this up. More of a pain in the ass for me to log in now, but I am not lazy and I want a healthy site so I don’t mind. I thought this would bring an end to the hackers trying to get in. Well guess what? It did not…to this day I still get notices from my Sucuri letting me know my site is still under attack. I just don’t get it…what is one to do?

    Then that dreaded day came where I got a notice from Sucuri in my email that someone had “A successful Login.” I nearly crapped my pants right there and then. So I go check to see who and where from and it tells me the admin called “systemwpadmin” had logged in!!!! Below is the screenshot:

    Click Here For Screenshot 01

    Sucuri also gives me this information:

    Click Here For Screenshot 02

    How? So I check everything I possibly know how to do (I am not a php coder…I only develop WP sites with limited php knowledge, mind you!) I look for any file changes and there are none. I go to my phpmyadmin to see who this “systemwpadmin” user is and there is no record in existence. Nothing…and the site is fine…as far as I know.

    Does anybody here in this forum know what happened with this “systemwpadmin” login and how in the hell did they get by a password protected login page? (And yes, before someone mentions it, my passwords are all very high in security level – 17 characters of everything you can imagine and I never set “admin” as a login name so rule those two out)

    My point being, what is one supposed to do? I love WP and the ease of use and I have very happy clients with my work, however it is also my job to protect the investment they made and I am pulling my hair out to try to figure a way that I myself (without hiring an outside service) can protect my sites and I can have peace of mind?

    Please…let’s all try and help each other here and if you have answers to this “systemwpadmin” login or any ways you have found to protect your site let’s list them here and make sure they are proven methods so others in the community will have some insight from those of you who are more knowledgeable. Many of us use WP for the “code free” ease and don’t know what to look for or how to edit when things go bad.

    Thanks in advance

    Logan

Viewing 6 replies - 1 through 6 (of 6 total)
  • Andrew Nevins

    (@anevins)

    WCLDN 2018 Contributor | Volunteer support

    Thread Starter mike-logan

    (@mike-logan)

    Thank you Andrew for the resources and some of those I have seen! 😉

    I am looking for ways to stop them from even getting to the login page and looking for an answer on my other question about the login that happened on one of my sites with a systemwpadmin.

    Thank you for your time. It is much appreciated!!!

    Logan

    @mike Logan It’s not unusual for one of my WordPress sites to have several hundred brute force attempts a day. I use Wordfence and it emails me on every IP lockout.

    I use cPHulk on my server. It is brute force protection for server systems like cPanel, POP, SFTP, SSH etc. It’s not unusual for me to see over 1000 server attacks a day.

    Many people do not realize that hacking is largely an automated process. We speak about hacking and hackers like it is a personal man to man type action. Likely 95% of hacking incidents involve no human interaction. A botnet is following a program designed to exploit known weaknesses. When it finds something it can exploit, it gives the site a malware injection and keeps following its designed program.

    The programming is getting better and the hacks more sophisticated. A prime example is the Forbes Hack involving multiple chained zero day vulnerabilities.

    I know you want answers and you have a personal interest in wanting to know how your credentials were hacked. I can assure you the hackers are not magic. Your site was breached because there is a vulnerability of some kind.

    You may get a lot of suggestions but they will be just that, suggestions of things you probably already know. Your time may well be better spent looking for what happened in your particular incident.

    One of the things WordPress does that opens itself to attacks is place that it’s a WordPress site in the meta data. I’d definitely remove that line in functions.php so bots don’t have a simple way to figure out what your site is running.

    Thread Starter mike-logan

    (@mike-logan)

    Hey Turtile! Is that the way they figure it out? I thought also that they run a bot that just simply looks for wp-admin login hits after the URL? For example, if I see a site that I like I just type wp-admin after the URL and see if a login page pops up. Then I run Firebug so I can find out the theme name and then go buy it.

    You may be on to something but I am not sure. Thanks for chiming in 😉

    Logan

    If there is a security flaw in a certain version, this makes it extremely easy.

    This is what a standard install outputs:

    <meta name="generator" content="WordPress 4.1" />
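
A way to confirm the generator tag discussed above is gone from your own pages, as an added example that is not part of the original thread: it parses a page's HTML and reports whether a generator meta tag names WordPress and which version it gives. The sample pages and the function and class names are constructed for illustration.

```python
import re
from html.parser import HTMLParser


class GeneratorFinder(HTMLParser):
    """Collect the content of every <meta name="generator"> tag."""

    def __init__(self):
        super().__init__()
        self.generators = []

    def handle_starttag(self, tag, attrs):
        # Also called for self-closing tags such as <meta ... />.
        if tag != "meta":
            return
        a = {k: (v or "") for k, v in attrs}
        if a.get("name", "").strip().lower() == "generator":
            self.generators.append(a.get("content", "").strip())


def wordpress_disclosure(html):
    """Return (found, version) for a generator tag that names WordPress."""
    finder = GeneratorFinder()
    finder.feed(html)
    for content in finder.generators:
        m = re.match(r"wordpress(?:\s+([\d.]+))?", content, re.I)
        if m:
            return True, m.group(1)
    return False, None


# Constructed sample pages (not taken from any real site).
DEFAULT_PAGE = '<html><head><meta name="generator" content="WordPress 4.1" /></head></html>'
REORDERED_PAGE = "<HEAD><META CONTENT='WordPress 4.1' NAME='Generator'></HEAD>"
CLEANED_PAGE = '<html><head><meta name="viewport" content="width=device-width" /></head></html>'
NO_VERSION_PAGE = '<head><meta name="generator" content="WordPress" /></head>'

if __name__ == "__main__":
    for label, page in [("default", DEFAULT_PAGE), ("reordered", REORDERED_PAGE),
                        ("cleaned", CLEANED_PAGE), ("no version", NO_VERSION_PAGE)]:
        found, version = wordpress_disclosure(page)
        print(f"{label}: generator tag names WordPress={found}, version={version}")
```

Run it against the saved HTML of your own site's front page before and after the change to functions.php; the result should go from `(True, "<version>")` to `(False, None)`.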

  • The topic ‘Stopping Hackers – What Is One To do?’ is closed to new replies.