Our team of Geeks have been busy building a new security solution to combat the rising incidence of attacks on our customers WordPress websites.
These attacks are characterised by distributed Brute Force attacks on the WordPress admin area login page. In these attacks, the attacker sends a mass amount of login attempts, using generic usernames and passwords. What the attackers are trying to accomplish is one of two goals:
- Gain entry to WordPress. Thankfully most of our clients are using non-standard usernames (e.g. not admin) and secure passwords, so the attackers have not been very successful in this regards.
- Overwhelm the server and take it offline. As there is a lot of server side processing involved in these requests, the high volume acts like a Denial of Service (DOS) attack, and affects the servers ability to process legitimate requests
To combat these attacks, our Geeks have developed a set of security rules that are able to identify these attacks in real time. When an attack is detected, the offending attackers IP address is blocked in the servers firewall, preventing that attacker from trying more generic passwords, or overloading the server. Our team has been careful when creating these rules to ensure that legitimate attempts to log into the WordPress admin area are not affected.
These new security rules were rolled out first to our Specialised WordPress Hosting customers late last week.
As these changes have been so successful in blocking attacks, our team has now deployed these changes our to all Shared Hosting customers, as well as all Managed VPS customers and VDS/PDS customers with server management.