Have bloggers using WordPress become more surly lately? We can’t answer that. But, if they did, they’d have good reason. A study by one security company says that in the last few months WordPress customer login pages have been having “issues” in the form of 30 to 40,000 attacks per day. “In April 2013, (the number of attacks) increased to 77,000 per day on average, reaching more than 100,000 attempts per day in the last few days,” says Web-hosting company IXWebHosting.
Now it appears a botnet with more than 90,000 servers has been attempting to log in by cycling through different usernames and passwords. Mohit Kumar, Founder and Editor-in-Chief of thehackernews.com, observes that the attacks have had an impact on Linux servers. Addressing the issue, hosting administrators have blocked all connections to wp-login.php.
Hostgator tells its customers, “At this moment, we highly recommend you log into any WordPress installation you have and change the password to something that meets the security requirements specified on the WordPress website. These requirements are fairly typical of a secure password: upper and lowercase letters, at least eight characters long, and including ‘special’ characters (^%$#&@*).”
Spiral Hosting issued this notice, “A large botnet has been attempting to break into WordPress websites by continually trying to guess the username and password to get into the WordPress admin dashboard. This is affecting almost every major web hosting company around the world. Our Network Operations Centre (NOC) has detected a significant increase in botnet activity in the last 24 hours.”
Kumar’s article contains two pieces of advice. One is that users should utilize .htaccess to protect their admin area and rename login pages. The second is to stay tuned to Twitter and Facebook WordPress pages for more information.
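Because the login attempts described above come from many servers, a per-address limit on wp-login.php can miss them while the total volume is still abnormal. The sketch below is an added example, not code from the article or from any of the hosts quoted: it counts POSTs to wp-login.php per minute in Apache combined-format log lines and flags a minute on either the aggregate or the per-address count. The sample lines, the addresses and both thresholds are constructed assumptions.

```python
import re
from collections import defaultdict

def _line(ip, hhmmss, method="POST"):
    # Builds one constructed access-log line (Apache combined format).
    return (f'{ip} - - [12/Apr/2013:{hhmmss} +0000] '
            f'"{method} /wp-login.php HTTP/1.1" 200 3120 "-" "-"')

# Constructed sample traffic, not real log data.
SAMPLE_LOG = "\n".join(
    [_line(f"198.51.100.{i}", f"10:15:{i:02d}") for i in range(1, 7)]  # six sources, one try each
    + [_line("203.0.113.9", f"10:16:{s:02d}") for s in (1, 2, 3)]      # one source, three tries
    + [_line("192.0.2.4", "10:17:05", "GET"), _line("192.0.2.4", "10:17:09")]  # normal login
)

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3}) ')

def login_posts_per_minute(log_text):
    """Return {minute: {ip: count}} for POST requests to wp-login.php."""
    buckets = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        ip, ts, method, path, _status = m.groups()
        if method == "POST" and path.split("?")[0].endswith("/wp-login.php"):
            buckets[ts[:17]][ip] += 1  # ts[:17] is "DD/Mon/YYYY:HH:MM"
    return buckets

def flag_minutes(log_text, total_threshold=5, per_ip_threshold=3):
    """Flag minutes where all sources together, or any single source, exceed a threshold."""
    findings = []
    for minute, per_ip in sorted(login_posts_per_minute(log_text).items()):
        total = sum(per_ip.values())
        noisy = sorted(ip for ip, n in per_ip.items() if n >= per_ip_threshold)
        if total >= total_threshold or noisy:
            findings.append({"minute": minute, "total": total,
                             "sources": len(per_ip), "noisy_ips": noisy})
    return findings

if __name__ == "__main__":
    for finding in flag_minutes(SAMPLE_LOG):
        print(finding)
```

In the sample, the 10:15 minute is flagged only by the aggregate count, since no single address sends more than one request.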