Global WordPress Attacks

  • I know this will more than likely get moved but it needs to be be posted some where for everyone to see.

    Most all web hosts and even my personal self hosted WordPress Install has been under brute force attacks for the past few days. I did not think of it as I was blocking the connection with a firewall This global attack as kill over 90,000 WordPress installs basically by flooding the WordPress wp-login.php with bogus login information.
    You site will become unresponsive at times and extremely slow at other times.

    If you can log in,
    – change your user name from admin
    – change your password to a awesome strength password
    – Install a plugin that changes the wp-login.php path
    – Start taking security seriously

    Blogs all around are talking about it right now.

    https://blog.hostgator.com/2013/04/11/global-wordpress-brute-force-flood/

    Steps to limit the load.

    Right now I have only seen a few.

    – Better WP Security Plugin
    – .htaccess wp-admin
    – Apache mod installs like geoip

Viewing 2 replies - 1 through 2 (of 2 total)
Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Global WordPress Attacks’ is closed to new replies.