If you’re using WordPress as the platform for your website, you may need to step up your security measures after it was revealed that the service has come under a sustained attack from a botnet. The sites at risk appear to be those that have not taken steps to boost their protection and still rely on default options, so if this applies to you, acting now could be vital.
Admin passwords guessed
The controllers of the botnet behind the attack seem to be taking advantage of the fact that a large number of WordPress users have never changed their username from admin, which is used as the default by many companies.
Hackers are therefore targeting these sites with a brute-force attack that tries thousands of possible passwords against this username in an attempt to gain access.
WordPress founder Matt Mullenweg therefore urged users to change their username, ensure they have strong passwords and turn on two-factor authentication, which was introduced earlier this month to make the service more secure.
“Do this and you’ll be ahead of 99% of sites out there and probably never have a problem. Most other advice isn’t great – supposedly this botnet has over 90,000 IP addresses, so an IP limiting or login throttling plugin isn’t going to be great,” he said.
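To show why a per-IP login throttle misses a distributed attack like the one described, here is an added example (written for this article, not WordPress code or anything from Mullenweg) that counts failed logins both per source IP and per target account. It assumes a simplified login-audit line format and uses constructed sample lines.

```python
import re
from collections import Counter

# Constructed sample lines in an assumed, simplified login-audit format:
#   <ISO timestamp> <client IP> <username> <OK|FAIL>
# (a stock web server access log does not record the submitted username,
# so this assumes a login-auditing plugin writes one such line per attempt).
# The distributed pattern mirrors the article: many IPs, two guesses each,
# all against the default "admin" account. IPs are documentation ranges.
SAMPLE_LOG = """\
2013-04-12T10:00:01Z 198.51.100.10 admin FAIL
2013-04-12T10:00:02Z 198.51.100.11 admin FAIL
2013-04-12T10:00:03Z 198.51.100.12 admin FAIL
2013-04-12T10:00:04Z 198.51.100.13 admin FAIL
2013-04-12T10:00:05Z 198.51.100.10 admin FAIL
2013-04-12T10:00:06Z 198.51.100.11 admin FAIL
2013-04-12T10:00:07Z 198.51.100.12 admin FAIL
2013-04-12T10:00:08Z 198.51.100.13 admin FAIL
2013-04-12T10:00:09Z 203.0.113.7 editor FAIL
2013-04-12T10:00:15Z 203.0.113.7 editor OK
"""

LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) (OK|FAIL)$")

def parse_log(text):
    """Yield (timestamp, ip, username, result) for each well-formed line."""
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            yield m.groups()

def failure_counts(text):
    """Count failed logins per source IP and per target username."""
    per_ip, per_user = Counter(), Counter()
    for _ts, ip, user, result in parse_log(text):
        if result == "FAIL":
            per_ip[ip] += 1
            per_user[user] += 1
    return per_ip, per_user

def ips_over_threshold(per_ip, threshold=5):
    """What a per-IP throttle would block: nothing here, because every
    botnet node stays under the limit."""
    return sorted(ip for ip, n in per_ip.items() if n >= threshold)

def accounts_under_attack(per_user, threshold=5):
    """Per-account view: failures against one username across all IPs."""
    return sorted(user for user, n in per_user.items() if n >= threshold)
```

On the sample, the per-IP check blocks no one while the per-account check flags "admin", which is why renaming the default account and enabling two-factor authentication matter more than IP limiting here.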
The attack has the potential to cause widespread problems for users of the service. More than 64 million websites around the world are said to currently rely on WordPress, and those sites are read by over 370 million people each month.
The incident could serve to remind website owners of the importance of taking basic security measures to protect their site from attack. It’s one thing to fall victim to highly complex, up-to-date attacks, but being compromised because of easily preventable problems, such as failing to follow simple username and password best practices, is something that should never happen.