WordPress Brute Force Attack

There have been reports that a distributed attack is going on trying to brute force WordPress websites. If you run a WordPress website you should be aware that your site might come under attack. I have noticed one site that is managed by me come under attack in the last 24 hours and it has caused some higher than normal server loads.

From everything I have read and seen so far the attack attempts to brute force the WordPress login using only the admin username and random passwords but the attack uses a LARGE number of IP addresses and floods the WordPress site with attempts.

The good news is this attack seems to only try to brute force the admin user name. If you have removed the admin user name from your WordPress website they will obviously not be able to brute force an account that does not exist. You should also remember to use strong passwords and if you are up to doing some editing of your htaccess file you can help protect your wp-login and wp-admin. Hostgator has a good tutorial on how to protect your wp-login.php file if you are interested.

If you have signed up for Cloudflare you will also have an extra layer of security from this attack. They have pushed out a rule to all customers (including free customers) that will stop the attack from hitting your WordPress website. Just another great reason to use Cloudflare.

You can read more about this attack on: Sucuri Blog, Hostgator Blog and the Cloudflare blog.

If you suspect your website has been affected by this latest brute force attack and you need a hand cleaning things up or protecting your site drop me a note and I will be able to help keep your site up.

Categories: wordpress