{"id":3128,"date":"2013-04-15T13:37:12","date_gmt":"2013-04-15T20:37:12","guid":{"rendered":"http:\/\/www.pdxtc.com\/wpblog\/?p=3128"},"modified":"2014-12-04T13:58:31","modified_gmt":"2014-12-04T20:58:31","slug":"wordpress-brute-force-attacks","status":"publish","type":"post","link":"https:\/\/www.pdxtc.com\/wpblog\/web-hosting\/wordpress-brute-force-attacks\/","title":{"rendered":"WordPress Brute Force Attacks"},"content":{"rendered":"

As pointed out over a month ago by Sucuri<\/a>, brute force attacks on WordPress are on the rise, and this past week the entire web hosting world was rocked by a coordinated and persistent attack on WordPress that has attempted (and continues to attempt) to gain access to millions of WordPress installations.<\/p>\n

The ‘official’ details are here in the \u00a0US Cert Alert<\/a>.<\/p>\n

Not only were our own servers impacted, but so were those at nearly any host you can find, and everyone from NBC News to Tech Crunch<\/a> is reporting that thousands of sites and and web-hosting reseller servers are being targeted..<\/p>\n

As reported by The Verge<\/a>\u00a0–<\/p>\n

\u00a0A huge network of over 90,000 IP addresses has been targeting WordPress blog installations with a brute force attack, attempting to gain access by using the default “admin” username by trying multiple passwords.<\/p><\/blockquote>\n

In our own case, one shared server actually logged over 12,000 requests for access in a one hour period, which of course \u00a0paralyzes the server, so on Friday we were forced to take additional measures of protection.<\/p>\n

How Are Our Hosting Customers Affected?<\/h5>\n

To combat this, going forward,\u00a0all PDXTC web hosting customers will now see this login BEFORE being granted access to their WordPress login page –\u00a0<\/strong><\/p>\n

\"bruteforce\"<\/p>\n

The username and password are *not* your WordPress password, but are one of eight different possibilities, depending upon which server your shared site is located.<\/p>\n

What is your access username and password?<\/h5>\n

To determine the username and password for your server, log into your web hosting control panel and go to the FTP \u00a0menu item.<\/p>\n

What you see there next to the title “Host Name” \u00a0will be the name of your server, beginning with the word “linux” and that is the exact\u00a0username and password for that new login screen<\/em>.<\/p>\n

\"Click<\/a>

Click to Enlarge<\/p><\/div>\n

As soon as you copy & paste that one name into both boxes, you’ll get access to the WP login that you’re looking for. We are very sorry for the inconvenience, but it was a necessary addition.<\/p>\n

The Exact Issue:<\/h5>\n

To be clear, none of our sites were compromised, but the servers were bogged down by attempts.<\/p>\n

Automated programs are out roaming the web there looking for every single \/wp-admin login page in the world, and then attempting to “guess” the often used ‘admin’ usernames by trying multiple passwords .<\/p>\n

Now this is nothing new, and in the past, multiple login attempts from specific IP addresses could be dealt with easily by webhosts or webmasters \u00a0themselves, by limiting login attempts, or blocking IP addresses entirely, and there are even some plugins that could be used.<\/p>\n

With this brute force attack however, the requesting IP address just rotates endlessly through their 90,000 IP address network, so there’s no way to get a handle on who’s trying to get in!<\/p>\n

Sadly, it’s an unfortunate \u00a0byproduct of using the most popular web platform in the world, \u00a0and we’re sorry for any inconvenience this may cause our hosting clients.<\/p>\n

How Else Can You Protect Yourself?<\/h5>\n

If you’re not a PDXTC hosting customer, there’s no doubt that your own web host has been affected too. If you’ve not heard from them yet, you will soon, trust me. This thing has brought thousands of web servers to their knees in the past 7 days.<\/p>\n

Immediately changing your admin passwords is a good start, and this recent\u00a0Krebs’ post<\/a>\u00a0has links to more tools for securing your WP blog. \u00a0Monitoring your site with something like Sucuri<\/a> is also a good idea, but ultimately,\u00a0this might be more of web hosting issue, so contact your provider to see what they recommend…<\/p>\n","protected":false},"excerpt":{"rendered":"

As pointed out over a month ago by Sucuri, brute force attacks on WordPress are on the rise, and this past week the entire web hosting world was rocked by a coordinated and persistent attack on WordPress that has attempted (and continues to attempt) to gain access to millions of WordPress installations. The ‘official’ details […]<\/p>\n","protected":false},"author":76,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[14],"tags":[],"class_list":["post-3128","post","type-post","status-publish","format-standard","hentry","category-web-hosting"],"yoast_head":"\nWordPress Brute Force Attacks<\/title>\n<meta name=\"description\" content=\"As pointed out over a month ago by Sucuri, brute force attacks on WordPress are on the rise, and this past week the entire web hosting world was rocked by\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.pdxtc.com\/wpblog\/web-hosting\/wordpress-brute-force-attacks\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"WordPress Brute Force Attacks\" \/>\n<meta property=\"og:description\" content=\"As pointed out over a month ago by Sucuri, brute force attacks on WordPress are on the rise, and this past week the entire web hosting world was rocked by\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.pdxtc.com\/wpblog\/web-hosting\/wordpress-brute-force-attacks\/\" \/>\n<meta property=\"og:site_name\" content=\"Scott Hendison's Old Search Commander Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/SearchCommander\" \/>\n<meta property=\"article:published_time\" content=\"2013-04-15T20:37:12+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2014-12-04T20:58:31+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.pdxtc.com\/wpblog\/wp-content\/uploads\/bruteforce-300x214.jpg\" \/>\n<meta name=\"author\" content=\"Scott\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@shendison\" \/>\n<meta name=\"twitter:site\" content=\"@shendison\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Scott\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/web-hosting\\\/wordpress-brute-force-attacks\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/web-hosting\\\/wordpress-brute-force-attacks\\\/\"},\"author\":{\"name\":\"Scott\",\"@id\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/#\\\/schema\\\/person\\\/3142c7d28dc676725ac62cd6c9de8371\"},\"headline\":\"WordPress Brute Force Attacks\",\"datePublished\":\"2013-04-15T20:37:12+00:00\",\"dateModified\":\"2014-12-04T20:58:31+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/web-hosting\\\/wordpress-brute-force-attacks\\\/\"},\"wordCount\":611,\"commentCount\":3,\"image\":{\"@id\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/web-hosting\\\/wordpress-brute-force-attacks\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/wp-content\\\/uploads\\\/bruteforce-300x214.jpg\",\"articleSection\":[\"Web Hosting\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/web-hosting\\\/wordpress-brute-force-attacks\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/web-hosting\\\/wordpress-brute-force-attacks\\\/\",\"url\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/web-hosting\\\/wordpress-brute-force-attacks\\\/\",\"name\":\"WordPress Brute Force Attacks\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/web-hosting\\\/wordpress-brute-force-attacks\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/web-hosting\\\/wordpress-brute-force-attacks\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/wp-content\\\/uploads\\\/bruteforce-300x214.jpg\",\"datePublished\":\"2013-04-15T20:37:12+00:00\",\"dateModified\":\"2014-12-04T20:58:31+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/#\\\/schema\\\/person\\\/3142c7d28dc676725ac62cd6c9de8371\"},\"description\":\"As pointed out over a month ago by Sucuri, brute force attacks on WordPress are on the rise, and this past week the entire web hosting world was rocked by\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/web-hosting\\\/wordpress-brute-force-attacks\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/web-hosting\\\/wordpress-brute-force-attacks\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/web-hosting\\\/wordpress-brute-force-attacks\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/wp-content\\\/uploads\\\/bruteforce.jpg\",\"contentUrl\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/wp-content\\\/uploads\\\/bruteforce.jpg\",\"width\":359,\"height\":257},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/web-hosting\\\/wordpress-brute-force-attacks\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"WordPress Brute Force Attacks\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/#website\",\"url\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/\",\"name\":\"Scott Hendison's Old Search Commander Blog\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/#\\\/schema\\\/person\\\/3142c7d28dc676725ac62cd6c9de8371\",\"name\":\"Scott\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/ba275e23c0aad37526141e715b54cd3eeac27b071e4395b2b39e801ca68355d6?s=96&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/ba275e23c0aad37526141e715b54cd3eeac27b071e4395b2b39e801ca68355d6?s=96&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/ba275e23c0aad37526141e715b54cd3eeac27b071e4395b2b39e801ca68355d6?s=96&r=g\",\"caption\":\"Scott\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/shendison\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"WordPress Brute Force Attacks","description":"As pointed out over a month ago by Sucuri, brute force attacks on WordPress are on the rise, and this past week the entire web hosting world was rocked by","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.pdxtc.com\/wpblog\/web-hosting\/wordpress-brute-force-attacks\/","og_locale":"en_US","og_type":"article","og_title":"WordPress Brute Force Attacks","og_description":"As pointed out over a month ago by Sucuri, brute force attacks on WordPress are on the rise, and this past week the entire web hosting world was rocked by","og_url":"https:\/\/www.pdxtc.com\/wpblog\/web-hosting\/wordpress-brute-force-attacks\/","og_site_name":"Scott Hendison's Old Search Commander Blog","article_publisher":"https:\/\/www.facebook.com\/SearchCommander","article_published_time":"2013-04-15T20:37:12+00:00","article_modified_time":"2014-12-04T20:58:31+00:00","og_image":[{"url":"https:\/\/www.pdxtc.com\/wpblog\/wp-content\/uploads\/bruteforce-300x214.jpg","type":"","width":"","height":""}],"author":"Scott","twitter_card":"summary_large_image","twitter_creator":"@shendison","twitter_site":"@shendison","twitter_misc":{"Written by":"Scott","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.pdxtc.com\/wpblog\/web-hosting\/wordpress-brute-force-attacks\/#article","isPartOf":{"@id":"https:\/\/www.pdxtc.com\/wpblog\/web-hosting\/wordpress-brute-force-attacks\/"},"author":{"name":"Scott","@id":"https:\/\/www.pdxtc.com\/wpblog\/#\/schema\/person\/3142c7d28dc676725ac62cd6c9de8371"},"headline":"WordPress Brute Force Attacks","datePublished":"2013-04-15T20:37:12+00:00","dateModified":"2014-12-04T20:58:31+00:00","mainEntityOfPage":{"@id":"https:\/\/www.pdxtc.com\/wpblog\/web-hosting\/wordpress-brute-force-attacks\/"},"wordCount":611,"commentCount":3,"image":{"@id":"https:\/\/www.pdxtc.com\/wpblog\/web-hosting\/wordpress-brute-force-attacks\/#primaryimage"},"thumbnailUrl":"https:\/\/www.pdxtc.com\/wpblog\/wp-content\/uploads\/bruteforce-300x214.jpg","articleSection":["Web Hosting"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.pdxtc.com\/wpblog\/web-hosting\/wordpress-brute-force-attacks\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.pdxtc.com\/wpblog\/web-hosting\/wordpress-brute-force-attacks\/","url":"https:\/\/www.pdxtc.com\/wpblog\/web-hosting\/wordpress-brute-force-attacks\/","name":"WordPress Brute Force Attacks","isPartOf":{"@id":"https:\/\/www.pdxtc.com\/wpblog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.pdxtc.com\/wpblog\/web-hosting\/wordpress-brute-force-attacks\/#primaryimage"},"image":{"@id":"https:\/\/www.pdxtc.com\/wpblog\/web-hosting\/wordpress-brute-force-attacks\/#primaryimage"},"thumbnailUrl":"https:\/\/www.pdxtc.com\/wpblog\/wp-content\/uploads\/bruteforce-300x214.jpg","datePublished":"2013-04-15T20:37:12+00:00","dateModified":"2014-12-04T20:58:31+00:00","author":{"@id":"https:\/\/www.pdxtc.com\/wpblog\/#\/schema\/person\/3142c7d28dc676725ac62cd6c9de8371"},"description":"As pointed out over a month ago by Sucuri, brute force attacks on WordPress are on the rise, and this past week the entire web hosting world was rocked by","breadcrumb":{"@id":"https:\/\/www.pdxtc.com\/wpblog\/web-hosting\/wordpress-brute-force-attacks\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.pdxtc.com\/wpblog\/web-hosting\/wordpress-brute-force-attacks\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.pdxtc.com\/wpblog\/web-hosting\/wordpress-brute-force-attacks\/#primaryimage","url":"https:\/\/www.pdxtc.com\/wpblog\/wp-content\/uploads\/bruteforce.jpg","contentUrl":"https:\/\/www.pdxtc.com\/wpblog\/wp-content\/uploads\/bruteforce.jpg","width":359,"height":257},{"@type":"BreadcrumbList","@id":"https:\/\/www.pdxtc.com\/wpblog\/web-hosting\/wordpress-brute-force-attacks\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.pdxtc.com\/wpblog\/"},{"@type":"ListItem","position":2,"name":"WordPress Brute Force Attacks"}]},{"@type":"WebSite","@id":"https:\/\/www.pdxtc.com\/wpblog\/#website","url":"https:\/\/www.pdxtc.com\/wpblog\/","name":"Scott Hendison's Old Search Commander Blog","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.pdxtc.com\/wpblog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.pdxtc.com\/wpblog\/#\/schema\/person\/3142c7d28dc676725ac62cd6c9de8371","name":"Scott","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/ba275e23c0aad37526141e715b54cd3eeac27b071e4395b2b39e801ca68355d6?s=96&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/ba275e23c0aad37526141e715b54cd3eeac27b071e4395b2b39e801ca68355d6?s=96&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/ba275e23c0aad37526141e715b54cd3eeac27b071e4395b2b39e801ca68355d6?s=96&r=g","caption":"Scott"},"sameAs":["https:\/\/x.com\/shendison"]}]}},"_links":{"self":[{"href":"https:\/\/www.pdxtc.com\/wpblog\/wp-json\/wp\/v2\/posts\/3128","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.pdxtc.com\/wpblog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.pdxtc.com\/wpblog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.pdxtc.com\/wpblog\/wp-json\/wp\/v2\/users\/76"}],"replies":[{"embeddable":true,"href":"https:\/\/www.pdxtc.com\/wpblog\/wp-json\/wp\/v2\/comments?post=3128"}],"version-history":[{"count":0,"href":"https:\/\/www.pdxtc.com\/wpblog\/wp-json\/wp\/v2\/posts\/3128\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.pdxtc.com\/wpblog\/wp-json\/wp\/v2\/media?parent=3128"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.pdxtc.com\/wpblog\/wp-json\/wp\/v2\/categories?post=3128"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.pdxtc.com\/wpblog\/wp-json\/wp\/v2\/tags?post=3128"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}