Friday, April 12, 2013

Update: Global Wordpress Attacks Still Going, but Muffled

Status Update: Global Wordpress Attacks

The global attacks on Wordpress sites (and now other sites as well) are still going. The Wordpress attacks themselves, however, have been significantly mitigated by most web hosts and by security services like CloudFlare, through a combination of techniques specifically designed to combat this particular and unusually effective attack.

Thursday, April 11, 2013

Global Wordpress Brute-force Attacks

Your Wordpress site is under attack right now

Right now there is a very severe and global attack on all Wordpress sites on the Internet.

New status update on the Wordpress attacks as of 11pm Eastern time April 12, 2013.

UPDATE: It seems everyone is advising people to install either Limit Login Attempts or a Wordpress Security Plugin. DO NOT DO THIS. This will not only fail to block the attack, it could crash your server. These attacks come in too fast from too many IP addresses. Please follow this guide instead.

Update 2: Matt Mullenweg, the creator of Wordpress, has confirmed that plugins should NOT be used in this situation:

Most other advice isn’t great — supposedly this botnet has over 90,000 IP addresses, so an IP limiting or login throttling plugin isn’t going to be great
- from TheNextWeb: Brute force attacks on Wordpress continue...

Update 3: The attackers are now sending the correct HTTP_REFERER value, so the .htaccess blocking is not always effective.
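The updates above say that per-IP limiting and Referer checks both miss this attack. The following added example (not code from the original post) runs both rules over a constructed access log and compares them with a site-wide count of login POSTs per minute. The addresses, the example.com host, and the thresholds `per_ip_limit` and `site_limit` are assumptions chosen for illustration.

```python
import re
from collections import Counter

# Apache "combined" log format; only the fields used below are captured.
LINE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'\d{3} \S+ "(?P<referer>[^"]*)" "[^"]*"'
)

def make_sample():
    """Constructed log: 60 login POSTs in one minute, each from a different address."""
    fmt = ('{ip} - - [12/Apr/2013:23:{mm}:{ss:02d} -0400] "{req} HTTP/1.1" 200 3120 '
           '"http://example.com/wp-login.php" "Mozilla/5.0"')
    lines = [fmt.format(ip=f"198.51.100.{i + 1}", mm="00", ss=i, req="POST /wp-login.php")
             for i in range(60)]
    # One ordinary login and one page view a minute later.
    lines.append(fmt.format(ip="203.0.113.10", mm="01", ss=5, req="POST /wp-login.php"))
    lines.append(fmt.format(ip="203.0.113.10", mm="01", ss=9, req="GET /wp-admin/"))
    return lines

def analyze(lines, per_ip_limit=4, site_limit=30):
    """Compare a per-IP lockout rule with a site-wide per-minute count of login POSTs."""
    per_ip, per_minute, good_referer = Counter(), Counter(), 0
    for line in lines:
        m = LINE.match(line)
        if not m or m.group("method") != "POST":
            continue
        if not m.group("path").startswith("/wp-login.php"):
            continue
        per_ip[m.group("ip")] += 1
        per_minute[m.group("ts")[:17]] += 1          # dd/Mon/yyyy:HH:MM
        if m.group("referer").endswith("/wp-login.php"):
            good_referer += 1                         # a Referer check would let this through
    minute, peak = per_minute.most_common(1)[0] if per_minute else (None, 0)
    return {
        "login_posts": sum(per_ip.values()),
        "distinct_ips": len(per_ip),
        "ips_over_per_ip_limit": sorted(ip for ip, n in per_ip.items() if n > per_ip_limit),
        "posts_with_expected_referer": good_referer,
        "peak_minute": minute,
        "peak_posts": peak,
        "site_wide_alert": peak > site_limit,
    }

if __name__ == "__main__":
    for key, value in analyze(make_sample()).items():
        print(f"{key}: {value}")
```

On the constructed log no address exceeds the per-IP limit and every POST carries the expected Referer, yet the per-minute total crosses the site-wide threshold.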

This is not a joke or a hoax - your site is at risk and may be hacked and sending spam right now.

What all Wordpress site owners need to do right now on all sites