Massive botnet attack

Update March 6 2319 local: It’s finally over at just a few minutes before midnight. I tried tallying the number of login attempts, but they were too numerous and too fast to total. There were thousands.


There’s a massive botnet attack going on right now that is targeted at WordPress blogs. How do I know? This blog is one of the targets for the botnet attack. So far, thanks to the free plugin Wordfence, I’ve been unaffected, and I’m getting many hundreds – if not a thousand – hits an hour.

If you’ve got a WP blog as an independent web site, I strongly recommend that you log in, select Plugins / Add new and type in Wordfence to get a plugin that will negate the targeted attack.

Once you’ve done that and activated Wordfence in your sidebar Plugins, locate Wordfence in the sidebar menu and select Options:

We recommend ensuring that all your WordPress admin accounts are using strong passwords, that you have Wordfence installed and the number of login failures set to 20 or less on the Wordfence options page. [ mine is set to 5 ]

You should have “Count login failures over what time period” set to 5 minutes and “Amount of time a user is locked out” set to 1 hour. An hour may not seem like much, but it will effectively defeat a password guessing attack. [ I’ve set mine for one day until this silliness is over ]

We also recommend you enable “Participate in the Real-Time WordPress Security Network” because this will immediately lock out any attacks from the Botnet that is responsible for the current attack. [ this may be already selected ]
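The following Python model is an added example, not part of the original post and not Wordfence's own code. It replays failed logins under the settings above (5 failures, a 5-minute counting period, 1-hour lockout) to show how few password guesses a fast bot actually gets. The record format, the IP addresses and the sliding-window logic are assumptions made for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Settings the post uses: 5 failures, counted over 5 minutes, 1 hour lockout.
MAX_FAILURES = 5
WINDOW = timedelta(minutes=5)
LOCKOUT = timedelta(hours=1)

# Constructed record format (an assumption, not a Wordfence or WordPress log):
#   <ISO-8601 time> <client IP> LOGIN_FAIL user=<name>
LINE_RE = re.compile(r"^(\S+) (\S+) LOGIN_FAIL user=\S+$")

def simulate(lines, max_failures=MAX_FAILURES, window=WINDOW, lockout=LOCKOUT):
    """Replay failed logins; per IP, count guesses evaluated, guesses blocked, lockouts."""
    recent = defaultdict(deque)   # ip -> failure times still inside the window
    locked_until = {}             # ip -> when the current lockout ends
    stats = defaultdict(lambda: {"evaluated": 0, "blocked": 0, "lockouts": 0})
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue              # not a failed-login record
        ts, ip = datetime.fromisoformat(m.group(1)), m.group(2)
        if ip in locked_until and ts < locked_until[ip]:
            stats[ip]["blocked"] += 1   # refused while locked out
            continue
        stats[ip]["evaluated"] += 1
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > window:       # drop failures older than the window
            q.popleft()
        if len(q) >= max_failures:
            locked_until[ip] = ts + lockout
            stats[ip]["lockouts"] += 1
            q.clear()
    return {ip: dict(s) for ip, s in stats.items()}

def sample_log():
    """Constructed input: a bot guessing every 2 s for 2 hours, plus a user with 2 typos."""
    start = datetime(2024, 1, 1, 20, 0, 0)
    bot = [f"{(start + timedelta(seconds=2 * i)).isoformat()} 203.0.113.7 LOGIN_FAIL user=admin"
           for i in range(3600)]
    user = [f"{(start + timedelta(seconds=s)).isoformat()} 198.51.100.20 LOGIN_FAIL user=editor"
            for s in (600, 630)]
    return bot + user

if __name__ == "__main__":
    for ip, s in simulate(sample_log()).items():
        print(ip, s)
```

In this constructed run the bot sends 3,600 attempts in two hours but only 10 are evaluated with the 1-hour lockout, and only 5 with a one-day lockout, while the user with two typos is never locked out.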

You’re welcome and good luck.
