Thread: Huge attack on WordPress sites

Huge attack on WordPress sites

Just though everyone might want to know about this if you didn't already;
http://arstechnica.com/security/2013...-super-botnet/

Just use Blacklist IP - which now has an auto blacklist after whatever log-in times you like to set, that solve the issue.

Unfortunately this attack is coming from up to 90,000 IP addresses so while those plugins are a good idea it won't solve the issue completely.

From what I have read they are going after the username "admin" + plus variations on that and all the obvious passwords. So choosing a more secure username and password is the first step. There is another article here with some tips on how to guard against the attack; http://ithemes.com/2013/04/15/ongoin...and-solutions/

I use this plugin and it works great, its extended to Honeypot project and a DB of IP monitoring, definitely recommend it.