Brute Force Attack on WordPress Websites

There has been an attack on wordpress sites everywhere.

For further information see here

We can’t say if this site was affected, but one sister site had a plugin installed to limit the number of login attempts – and there were a lot of attempts.

Mostly the tried user name “admin” or “Admin”, but there were a few others as well. We had noticed a slow response on that website sometime last week. The hosting company apparently was able to do something about it.  But we added an additional layer of protection on our websites , which is an additional user name and password to give an authorized access – before you even get to the login panel of the individual wordpress site itself.

What they were trying to do with that logon we don’t know. We don’t think any of our sites have been affected – except for the slowdown. We use passwords with words that do not appear in any language we know, and we have digits and special characters as well. And they are different from one installation to the next.

Have you been a victim yourself? Most likely you were – and you still might be – if you own or maintain a wordpress site.

At least you should do the same as we did.

If you don’t know how, you can ask us, either explaining in detail or actually doing it – if you trust us that is.

Tuesday, April 16th, 2013 Uncategorized

No comments yet.

Leave a comment

You must be logged in to post a comment.