Important Security Update: Global Brute Force WordPress Attack
WordPress remains one of the most secure website solutions (if secured properly by our team of trusted IT security specialists). Trust our team of trusted IT security specialists to make sure your WordPress website is secured.
WordPress sites across the web have recently been targeted by an extensive distributed brute force attack. The attack attempts to gain access to the administrator account on WordPress sites by systematically running through a variety of password iterations. Since the attack originates from thousands of different IP addresses, it is difficult to block at the network level.
Last night the attack impacted performance for several websites across the Internet, regardless of whether WordPress was installed on their site. Our IT security and support teams have worked, and have taken several proactive measures to mitigate the security threat for those client websites our team protects. In some cases, we temporarily disabled the ability to log in to WordPress sites that were under attack – which also protected these sites from being compromised. As of this morning, April 11, 2013, all servers are back to normal performance levels and login functionality has been restored.
If you have installed WordPress on your site please take a minute or two to make sure your site is protected against attacks like this one. Here are some basic security tips:
Our IT service professionals will stay vigilant and will continue to proactively respond to any security threats as they arise. Although this attack is particularly extensive, it is unfortunately not uncommon. The single most important thing you can do to protect any aspect of your account (e-mail, FTP, other web apps, etc…) is to use very strong passwords, and insist that your clients / users do the same.
Do you have any questions? Contact our team of IT professionals today.
Have A Technology Question?