The latest sustained internet attack to reach the news has affected sites which run on the WordPress platform. This hugely popular platform runs around 17% of all of the websites in the world, with its 64 million sites being read by approximately 371 million people every month.
Just over a week ago WordPress increased its security measures by adding the option of a two-step login and authentication procedure. Shortly after this change was brought in, a worldwide attack targeted tens of thousands of computers, according to reports from the server hosting firms HostGator and Cloudflare.
In these attacks, a botnet looks for a WordPress site that still uses the default username of Admin and then tries thousands of possible passwords in an attempt to get into the site.
A Few Suggestions
Matt Mullenweg, the founder of WordPress, suggests on his blog that everyone moves off the Admin username and starts using strong passwords as well. He pointed out the benefits of the two-step process for authenticating users, which involves a secret number being given out to users as well as their username and password. Installing the very latest version of WordPress is also recommended.
Mullenweg said that the botnet in question apparently has over 90,000 IP addresses, so using an IP-limiting or login-throttling plugin isn’t really going to help much.
Matthew Prince, the Chief Executive and co-founder of Cloudflare, said that the attack is using a comparatively weak botnet and that he fears that part of the reason for this attack is to build up a stronger botnet for a bigger future attack.
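Mullenweg's point about IP limiting can be seen by counting failed logins two ways. The following is an added example, not code from WordPress or from any plugin; the log format, the thresholds and the sample data are constructed assumptions.

```python
from collections import Counter, defaultdict

PER_IP_LIMIT = 5     # assumed: failures allowed per source IP before a throttle acts
PER_USER_LIMIT = 20  # assumed: failures against one account that should raise an alert

def sample_log():
    """Constructed log lines in a made-up 'ip username result' format."""
    # 200 bot addresses, each trying only two passwords against 'admin'.
    lines = [f"198.51.100.{i} admin FAIL" for i in range(1, 201) for _ in range(2)]
    # One ordinary user who mistypes a password once, then logs in.
    lines += ["203.0.113.7 alice FAIL", "203.0.113.7 alice OK"]
    return lines

def failed_logins(lines):
    """Yield (ip, username) for every failed attempt."""
    for line in lines:
        ip, user, result = line.split()
        if result == "FAIL":
            yield ip, user

def ips_over_limit(lines, limit=PER_IP_LIMIT):
    """What a per-IP throttle sees: sources with more than `limit` failures."""
    per_ip = Counter(ip for ip, _ in failed_logins(lines))
    return {ip for ip, n in per_ip.items() if n > limit}

def accounts_over_limit(lines, limit=PER_USER_LIMIT):
    """Per-account view: username -> (failures, distinct source IPs)."""
    failures = Counter()
    sources = defaultdict(set)
    for ip, user in failed_logins(lines):
        failures[user] += 1
        sources[user].add(ip)
    return {u: (n, len(sources[u])) for u, n in failures.items() if n > limit}

if __name__ == "__main__":
    log = sample_log()
    print("IPs a per-IP throttle would block:", ips_over_limit(log))
    print("Accounts with distributed failures:", accounts_over_limit(log))
```

No single address crosses the per-IP limit, yet the admin account collects hundreds of failures from hundreds of sources, which is why renaming the account, strong passwords and two-step authentication matter more here than throttling by address.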