Is your business website or blog safe? Global, Distributed WordPress Attack

Many Professional’s Websites are Being Hacked

Currently, there is an ongoing, distributed attack on WordPress sites all across the planet that has been causing quite a lot of noise. The attack is being perpetrated through a botnet of what is assumed to be mostly home computers.

Botnets Infiltrating Servers During The Global WordPress Attack

A botnet is formed by a person, or group of persons, coding an application that can hack into computers, copy itself there, and redistribute itself, as well as accepting other tasks to do from a command & control server (often an internet relay chat [IRC] channel). In this case, the botnet was instructed to try and brute-force the passwords of almost every WordPress installation worldwide. Brute-forcing a password means to iteratively guess a password until you get it right, and a properly coded brute-force attack is many thousands of times faster than attempting to brute-force a password by hand.

One concern about this attack, which is already one of the largest ever recorded, is that the goal of it is to gain access to the beefy servers these WordPress sites are installed on in order to coordinate even more powerful, and dangerous, attacks on internet sites.

How to prevent your Business’s Website From Being Hacked

There’s a number of steps you can do to prevent or mitigate issues from this attack, starting with installing the WordFence plugin on your WordPress installation, which can both scan for malware-infected files, as well as limit the number of login attempts on your site. There’s another smaller plugin for just limiting the number of login attempts that has been discussed because of this attack, called Limit Login Attempts. Cloudflare, a global CDN and security service that sits in front of your site, has also profiled the attack and mitigated it for all their customers. (including those on the free plan!)

authenticWEB has your WordPress Site Covered!

Of course, if you’re a customer of ours and host your site on our Managed WordPress Hosting, we’ve already taken all of these steps and more, so you have nothing to worry about!