I wish this were a happier, more upbeat post to finish the week, but sadly it isn’t. WordPress websites on hosts around the world have been attacked over the last few days. It does not matter if you are hosting with me, GoDaddy, RackSpace, Dreamhost, HostGator (they host BBS’s servers) or anyone else.
This is an attack on WordPress hosts everywhere all over the globe.
My guys at HostGator, easily my favorite hosting company, sent this out late yesterday:
As I type these words, there is an on-going and highly-distributed, global attack on WordPress installations across virtually every web host in existence. This attack is well organized and again very, very distributed; we have seen over 90,000 IP addresses involved in this attack.
At this moment, we highly recommend you log into any WordPress installation you have and change the password to something that meets the security requirements specified on the WordPress website. These requirements are fairly typical of a secure password: upper and lowercase letters, at least eight characters long, and including “special” characters (^%$#&@*).
You have now changed your WordPress password, correct? Good.
The main force of this attack began last week, then slightly died off, before picking back up again yesterday morning. No one knows when it will end. The symptoms of this attack are a very slow backend on your WordPress site, or an inability to log in. In some instances your site could even intermittently go down for short periods.
We are taking several steps to mitigate this attack throughout our server farm, but in the same breath it is true that in cases like this there is only so much that can actually be done. The servers most likely to experience service interruptions will be VPS and Dedicated servers hosting high numbers of WordPress installations, due to the incredibly high load this attack has been seen to cause.
If you are hosted on a VPS or Dedicated server and you would like for us to take a more severe, heavy-handed approach to mitigate this attack, we can do this via means such as password-protecting (via .htaccess) all wp-login.php files on the server. If you would like our assistance with this, please contact us via normal support channels.
Again, this is a global issue affecting all web hosts. Any further information we could provide at this moment would be purely speculation. Our hope is that this attack ends soon, but it is a reminder that we must all take account security very seriously.
I’m keeping tabs on this issue, and will update this blog post if I receive any further news.
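The notice above describes a login flood spread across more than 90,000 IP addresses, so each address may make only a few attempts and a per-IP lockout alone can miss it. The following is an added example, not part of the original post or HostGator's notice: it counts failed wp-login.php POSTs in a constructed access log per IP and per minute site-wide. The log format, both thresholds and the 200/302 status convention are assumptions.

```python
import re
from collections import Counter

# Apache/nginx "combined" access-log line: client IP, timestamp, request, status.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)

def build_sample():
    """Constructed log (not real traffic): 12 documentation-range IPs,
    two failed logins each inside one minute, plus one genuine login."""
    fmt = '{ip} - - [01/Jan/2000:10:00:{s:02d} +0000] "{req} HTTP/1.1" {st} 3120 "-" "-"'
    lines = [fmt.format(ip=f"203.0.113.{i}", s=2 * i + k, req="POST /wp-login.php", st=200)
             for i in range(1, 13) for k in range(2)]
    lines.append(fmt.format(ip="198.51.100.9", s=30, req="POST /wp-login.php", st=302))
    lines.append(fmt.format(ip="198.51.100.9", s=31, req="GET /wp-admin/", st=200))
    return "\n".join(lines)

def failed_logins(log_text):
    """Yield (ip, minute) for every failed POST to wp-login.php.
    Assumption: stock WordPress answers a failed login with 200 (form shown
    again) and a successful one with a 302 redirect."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST" or m["status"] != "200":
            continue
        if m["path"].split("?", 1)[0].endswith("/wp-login.php"):
            yield m["ip"], m["ts"][:17]  # "01/Jan/2000:10:00" = minute bucket

def summarize(log_text, per_ip_limit=5, site_limit=10):
    """Compare a per-IP threshold with a site-wide per-minute threshold.
    Both limits are illustrative values, not recommendations from the post."""
    per_ip, per_minute = Counter(), Counter()
    for ip, minute in failed_logins(log_text):
        per_ip[ip] += 1
        per_minute[minute] += 1
    return {
        "failed": sum(per_ip.values()),
        "distinct_ips": len(per_ip),
        "ips_over_limit": sorted(ip for ip, n in per_ip.items() if n > per_ip_limit),
        "minutes_over_limit": sorted(m for m, n in per_minute.items() if n > site_limit),
    }

if __name__ == "__main__":
    print(summarize(build_sample()))
```

On the constructed sample no single address crosses the per-IP limit, yet the site-wide count for that minute does, which matches the slow-backend symptom the notice describes.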
Please change your WordPress password immediately:
- Log into your WordPress Dashboard
- Go to Users → Your Profile
- Scroll down to the “About Yourself” section and choose a new password that meets these requirements:
  - Upper and lowercase letters
  - At least eight characters long
  - Including “special” characters (^%$#&@*)
- Scroll to the bottom and click on Update Profile
I hate people who write viruses and malware and stage attacks like this. That really, really ticks me off. It hurts the integrity of the internet, hurts people’s trust in the system, and makes a ton of work for guys like me. If I personally ever meet the person(s) behind this, I’m saving up something special just for them.