There is an ongoing attack on WordPress sites sweeping across the web and your install could be next.
Using more than 90,000 IP addresses, this attack is cracking admin logins on weak WordPress systems. One web hosting company warned that these attacks are part of a process of building a botnet that is “more destructive than those available today.”
According to Matthew Prince, CEO of CloudFlare:
“These larger machines can cause much more damage in DDoS [distributed denial-of-service] attacks because the servers have large network connections and are capable of generating significant amounts of traffic.”
Is your WordPress as safe as it could be?
Prince goes on to say that “the distributed attacks are attempting to brute force the administrative portals of WordPress servers, employing the username ‘admin’ and 1,000 or so common passwords. He said the attacks are coming from tens of thousands of unique IP addresses, an assessment that squares with the finding of more than 90,000 IP addresses hitting WordPress machines hosted by HostGator,” according to Ars Technica.
What You Can Do
Here’s what you can do to keep your WordPress install safe:
- Install a Limit Login Attempts plugin.
- Update your login passwords ASAP, using at least eight characters, upper and lower case, numbers and special characters.
- Remove, replace or change the “admin” username.
- Consider adding Better WP Security.
- Possibly add CloudFlare, as they automatically block logins that resemble brute-force attacks.
Please take these recommendations into consideration, as Ars Technica has pointed out:
“… readers who run WordPress sites are strongly advised to lock down their servers immediately. The effort may not only protect the security of the individual site. It could help safeguard the Internet as a whole.”
Be a responsible Internet citizen and respected WordPress user by taking the necessary precautions to keep not only your own website safe, but the Internet as a whole.
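Because the attack described above is spread over tens of thousands of addresses, a per-IP attempt limit alone can miss it. The following added example (not from the original article) scans a web access log for failed wp-login.php POSTs and flags both a single noisy IP and many IPs making a few attempts each. The log lines, thresholds and function names are constructed for illustration, and it assumes a stock WordPress that answers a failed login with 200 and a successful one with a 302 redirect.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Combined Log Format prefix: ip ident user [time] "METHOD path proto" status
LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                     r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) ')

def failed_logins(lines):
    """Yield (time, ip) for each failed login POST to wp-login.php."""
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        if not m["path"].split("?")[0].endswith("/wp-login.php"):
            continue
        # Assumption: stock WordPress answers a failed login with 200 (the form
        # again) and a successful one with a 302 redirect.
        if m["status"] == "200":
            yield datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z"), m["ip"]

def detect(lines, window_minutes=5, per_ip_limit=5, site_limit=8, min_ips=4):
    """Flag windows with one noisy IP or many IPs making a few attempts each."""
    buckets = defaultdict(lambda: defaultdict(int))
    for ts, ip in failed_logins(lines):
        start = ts - timedelta(minutes=ts.minute % window_minutes, seconds=ts.second)
        buckets[start][ip] += 1
    findings = []
    for start in sorted(buckets):
        per_ip = buckets[start]
        total = sum(per_ip.values())
        noisy = sorted(ip for ip, n in per_ip.items() if n >= per_ip_limit)
        distributed = total >= site_limit and len(per_ip) >= min_ips
        if noisy or distributed:
            findings.append({"window": start.isoformat(), "failures": total,
                             "ips": len(per_ip), "noisy_ips": noisy,
                             "distributed": distributed})
    return findings

# Constructed sample log (documentation IP ranges, not real traffic).
POST = '"POST /wp-login.php HTTP/1.1"'
SAMPLE = (
    [f'192.0.2.{i} - - [12/Apr/2013:10:0{i % 5}:{i:02d} +0000] {POST} 200 3456' for i in range(1, 11)]
    + [f'203.0.113.9 - - [12/Apr/2013:10:11:{s:02d} +0000] {POST} 200 3456' for s in range(6)]
    + [f'198.51.100.7 - - [12/Apr/2013:10:01:30 +0000] {POST} 302 0',
       '198.51.100.8 - - [12/Apr/2013:10:02:00 +0000] "GET /wp-login.php HTTP/1.1" 200 3456']
)

if __name__ == "__main__":
    for finding in detect(SAMPLE):
        print(finding)
```

In the sample, the first window is flagged as distributed even though no single address reaches the per-IP limit, which is the case a per-IP lockout would not see.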