WordPress Botnet Attack Taking Place – Protect Yourself
Looking at the reports from these companies, the WordPress botnet attack seems to be a simple dictionary brute-force attack aimed at the WordPress admin back-end. The aim is to gain access to your ‘admin’ account by guessing the password from a list of thousands, or even millions. Once in, the aim is then to infect the server that your WordPress site sits on in order to gain more power for additional attacks on other targets.
Current indications are that the WordPress botnet attacks are coming from a large number (in the thousands) of “normal” computers. As previously mentioned, the aim of this attack is to gain access to your servers, which have much more power and bandwidth and so can be used to much greater effect in other attacks.
Coincidentally, I wrote an article yesterday on some of the best plugins for securing WordPress. Using these simple tools, coupled with good security practices like renaming your admin URL, not having the username “admin”, using a complex password, and locking accounts out after a number of unsuccessful attempts, should all but eradicate this WordPress botnet.
If you’re using Cloudflare then you will already be protected from this WordPress botnet, as they have pushed out a fix to all users that detects the attack signature and blocks it, having seen the attack attempted on most of their WordPress customers. However, that doesn’t mean that you shouldn’t remain vigilant and follow security best practices yourself.
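The lockout and detection ideas above can be checked against your own web server access log. The following Python is an added example, not code from this article, from any plugin or from Cloudflare: it counts failed wp-login.php POSTs per source address and also totals the failures from sources that stay under the per-address limit, which matters when the guesses come from thousands of computers. The log lines are constructed, and the thresholds and the rule that a failed login answers HTTP 200 while a successful one redirects with 302 are assumptions.

```python
import re
from collections import Counter

# Constructed sample lines in Apache/nginx "combined" format (not real traffic).
def _line(ip, method, path, status):
    return f'{ip} - - [01/Jan/2024:10:00:00 +0000] "{method} {path} HTTP/1.1" {status} 512 "-" "-"'

SAMPLE = "\n".join(
    [_line("203.0.113.5", "POST", "/wp-login.php", 200)] * 5            # one noisy source
    + [_line(f"198.51.100.{i}", "POST", "/wp-login.php", 200) for i in range(1, 7)]  # one guess each
    + [_line("192.0.2.10", "GET", "/wp-login.php", 200),                # owner loads the form
       _line("192.0.2.10", "POST", "/wp-login.php", 302),               # owner logs in
       _line("192.0.2.10", "GET", "/", 200)]
)

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)

def failed_logins(log_text):
    """Yield the client address of every failed wp-login.php POST."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        path = m.group("path").split("?", 1)[0]
        # Assumption: a failed login re-renders the form (200); success redirects (302).
        if (m.group("method") == "POST" and path.endswith("/wp-login.php")
                and m.group("status") == "200"):
            yield m.group("ip")

def analyse(log_text, per_ip_limit=5, site_limit=5):
    """Return addresses to lock out plus a site-wide view of quieter sources."""
    per_ip = Counter(failed_logins(log_text))
    lock_out = sorted(ip for ip, n in per_ip.items() if n >= per_ip_limit)
    quiet = {ip: n for ip, n in per_ip.items() if n < per_ip_limit}
    quiet_failures = sum(quiet.values())
    return {
        "lock_out": lock_out,                  # caught by a per-address lockout
        "quiet_sources": len(quiet),           # addresses a per-address lockout never trips on
        "quiet_failures": quiet_failures,
        "site_alert": quiet_failures >= site_limit,  # many sources, few guesses each
    }

if __name__ == "__main__":
    print(analyse(SAMPLE))
```

On the constructed sample, one address reaches the per-address limit while six others make a single guess each; only the site-wide count shows the second group.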
Have you been on the receiving end of this WordPress botnet attack? Or are you taking steps to block it? As always your thoughts and comments are welcome below…