Global Attack on WordPress

  • Wednesday, 17th June, 2015
  • 15:07pm
Hello Members,

Recently, several of our clients reported issues logging in to their WordPress admin areas. The issue you are currently experiencing with WordPress is due to the global WordPress attack that has been ongoing since the beginning of 2014.

A botnet of over 90,000 machines is attempting to globally brute-force and hack into wp-login.php, which is the file that WordPress users use to log in to WordPress.

The attack sends thousands of requests at one time to wp-login.php, trying to log in to your WordPress installation and make it part of the growing botnet.

Yesterday we enabled a server-wide ACL that blocks all access to wp-login.php unless the IP is whitelisted. I just removed the block so you now have access to your WordPress admin area.

Recommendations:
- Change your default admin username for wp-admin to a different username, as the attack is specifically targeting the admin username.

- Place a browser-based password on wp-login.php.

The link immediately below will explain how to do this:
http://codex.wordpress.org/Brute_Force_Attacks#Password_Protect_wp-login.php

Additional information about the attack can be found here:
http://blog.skunkworks.ca/brute-force-attack-targeting-sites-running-wordpress/


Thank you.
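An added example, not part of the original announcement: a per-minute summary of POSTs to wp-login.php from an access log, showing how a per-address limit can stay silent while a site-wide count trips when many machines each send only a few requests. The Combined Log Format, both thresholds and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import Counter
from datetime import datetime

# Assumed Combined Log Format: ip - - [time] "METHOD path proto" status size ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3})'
)

def login_posts(lines):
    """Yield (minute, ip) for every POST to wp-login.php, in any directory."""
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        if m["path"].split("?", 1)[0].rsplit("/", 1)[-1] != "wp-login.php":
            continue
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        yield ts.replace(second=0), m["ip"]

def summarize(lines, per_ip_limit=5, site_limit=20):
    """Per minute: total login POSTs, distinct IPs, and which rule fires."""
    totals, ips = Counter(), {}
    for minute, ip in login_posts(lines):
        totals[minute] += 1
        ips.setdefault(minute, Counter())[ip] += 1
    report = []
    for minute in sorted(totals):
        noisy = [ip for ip, n in ips[minute].items() if n > per_ip_limit]
        report.append({
            "minute": minute.strftime("%H:%M"),
            "posts": totals[minute],
            "distinct_ips": len(ips[minute]),
            "per_ip_alert": bool(noisy),                # one address over its limit
            "site_alert": totals[minute] > site_limit,  # whole site over its limit
        })
    return report

def sample_log():
    """Constructed sample: 30 IPs with 2 POSTs each in one minute, then one normal login."""
    fmt = '{ip} - - [17/Jun/2015:{t} +0000] "{m} {p} HTTP/1.1" {s} 1234 "-" "-"'
    lines = [fmt.format(ip=f"198.51.100.{i}", t=f"15:00:{i:02d}", m="POST",
                        p="/wp-login.php", s=200)
             for i in range(1, 31) for _ in range(2)]
    lines.append(fmt.format(ip="203.0.113.7", t="15:01:10", m="POST",
                            p="/blog/wp-login.php", s=302))
    lines.append(fmt.format(ip="203.0.113.7", t="15:01:11", m="GET", p="/wp-admin/", s=200))
    return lines
```

In the constructed sample no single address exceeds its limit, so only the site-wide rule fires; that is the situation in which a blanket control on wp-login.php, such as the ACL or the browser-based password above, still applies to every request.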
