Important Security Notice - Wordpress Related

Sshadow

In memoriam 1978-2024
I thought I would let you guys know about something that Cloudflare just informed its partners about. Here is a quote from their email.

CloudFlare Partners:

We've been monitoring a brute force attack against WordPress installations. Details about the attack are available at http://blog.cloudflare.com/patching-the ... rdpress-br.

We have rolled out protection against this attack in the CloudFlare Free plan. This attack is significant. We've seen more than 100,000 unique IP addresses participating in it.

While this attack is ongoing you should consider enabling CloudFlare Free or higher for any customer using WordPress.

As stated above you can get further info here http://blog.cloudflare.com/patching-the ... rdpress-br

I will sticky this for a day just to get the word out, as this is looking pretty serious for WordPress sites. Please do not panic about this, though; that is not my intention. I just want FP users to be informed.

Edit - This plugin can help as well and looks good for all around security http://wordpress.org/extend/plugins/lim ... -attempts/
 
This sounds quite serious indeed. Is this an issue that is caused by CloudFlare, or are they just distributing that information?
 
Thank you for posting this.

Since I'm not using "admin" as a username, should I be rather safe from this?
 
Quacker Jack said:
This sounds quite serious indeed. Is this an issue that is caused by CloudFlare, or are they just distributing that information?

Cloudflare is distributing the information and has devised a way to block it as well for those who use their service. If you happen to have an account on a server that is partnered with CF like we are, then you can enable it directly through your cPanel. Otherwise you can sign up for a free CF account. I am still researching the effect of firewalls mitigating the attack as well, so I will let you know what I find out.

Aly said:
Thank you for posting this.

Since I'm not using "admin" as a username, should I be rather safe from this?

For now you are "safe" in regards to the attack. However if targeted you would still suffer a performance hit.

Edit - I added a new link to my OP.
 
Aly said:
Thank you for posting this.

Since I'm not using "admin" as a username, should I be rather safe from this?

I would think so. I'm not using the username "admin" either. Haven't done that since I first started out five years ago. Used my first name ever since.
 
Sshadow said:
Quacker Jack said:
This sounds quite serious indeed. Is this an issue that is caused by CloudFlare, or are they just distributing that information?

Cloudflare is distributing the information and has devised a way to block it as well for those who use their service. If you happen to have an account on a server that is partnered with CF like we are, then you can enable it directly through your cPanel. Otherwise you can sign up for a free CF account. I am still researching the effect of firewalls mitigating the attack as well, so I will let you know what I find out.

Interesting. Thanks for posting this Sshadow. Please keep us posted. Your hosting background will come in handy. 😉
 
My password is probably too hard to hack, it's just random letters, numbers and symbols.

Thanks for the information though 😉
 
WordPress being hacked

I've just received an email from my webhost stating that if I have WordPress on my account, I should quickly change the username and password, as there is a bot called botnet going around hacking WordPress-powered websites.

It is currently using 90.000 IP addresses, and if you use the default username "admin" it can easily find out your password.

Read more here http://wpsites.net/wordpress/security-a ... urce=pubv1
 