There’s serious security problem with the default installation of the Articles blog extra: It exposes your MODX username — the one you use to log in to the Manager — on every page. This opens you up to a brute-force attack that could allow miscreants to gain complete control of your site. This vulnerability may be fixed in future versions of Articles, but for now, it’s a good idea to make some changes to your Articles Templates and Chunks.
Site hackers have bots that are visiting hundreds of thousands of web sites. They try common Administrator usernames like “admin” “root” and “webmaster” and attempt to log in with both selected passwords (e.g., dates between 1900 and the current year, common names for humans and pets, dictionary words, etc.) and random passwords generated in code. For a fairly reasonable price, you can now buy a computer designed just for this task and capable of trying millions of passwords per second. Learn More