11Apr

DDOS Attacks Against WordPress Installations


For about 2 hours today, we experienced a DDOS attack against the estimated four thousand WordPress installations hosted on our web hosting platform. During this time customer WordPress installs were still accessible, but were degraded in performance.

It looks like the attacker was trying to (unsuccessfully) brute force the wp-login.php page, in an attempt to gain access to the WordPress admin interfaces.

We’ve managed to squash about 90% of the junk traffic, returning service levels back to normal. The remainder of the traffic should die out over the next few hours.

Customers are encouraged to re-evaluate their WordPress admin interface passwords, and to ensure that their WordPress installations, and any installed plugins, are fully up-to-date.

UPDATE:

TechCrunch posted an article about this with some more details:

http://techcrunch.com/2013/04/12/hackers-point-large-botnet-at-wordpress-sites-to-steal-admin-passwords-and-gain-server-access/