Date: Monday, February 10, 2014
Subject:[WordPress Security] Large distributed brute force attack on WordPress sites underwayDear WordPress Publisher,
As of 11am eastern time this morning we are monitoring the largest distributed brute force attack on WordPress installations that we’ve seen to date. The real-time attack map became so busy that we’ve had to throttle the amount of traffic we show down to 4% of actual traffic.
A brute force attack is when an attacker tries many times to guess your username password combination by repeatedly sending login attempts. A distributed brute force attack is when an attacker uses a large number of machines spread around the internet to do this in order to circumvent any blocking mechanisms you have in place.
If you’re using the free or paid version of Wordfence you should have the option to “Participate in the real-time Wordfence security network” under ‘Other options’ enabled. This will immediately block any attack originating from an IP address that has attacked other WordPress sites using Wordfence. This is an effective defense against this kind of attack.We recommend that until this passes you monitor your WordPress websites closely for unusual activity including logins, account creation or changes to the public facing website.
If you have already purchased the WP-SUB Package, then your site is safe. We monitor your sites daily and use MULTIPLE plugins to protect it, back it up & update it.
If you have NOT – please consider purchasing it today to protect your investment.
YEARLY ($399): Click here to purchase our WP-SUB Yearly Package
MONTHLY ($47): Click here to purchase our WP-SUB Monthly Package
Lastly, please help us spread the word & share this information with others. Use the Social Sharing buttons found at the top and bottom of this article to share it on Facebook, Twitter or any other sites you use to help spread the word. OR you can copy and paste this info into an email. It is IMPERATIVE that we get the word out as soon as possible. Many people do not know about this and their sites are the ones who are most vulnerable.
WordPress Security – Large distributed brute force attack on WordPress
As you know I have recently been telling EVERYONE to look into protecting their WordPress site by purchasing my WP-SUB (WordPress Security, Updates & Backups) package. I created this package recently out of the need to help protect the sites I have built when several of our clients sites were wiped out completely by successful hack attempts. I am asking you for help in spreading the word regarding this package. Here is why. Yesterday I received an email from one of our Premium Security plugins we use to protect your site. It said: