RSS

Hackers Target WordPress Sites: Change Your Passwords NOW

15 Apr

Hackers Target WordPress Sites: Change Your Passwords Now

REBLOGGED by DogDaz: Posted by Katy Ryan Schamberger on April 13, 2013 ·

Although it’s always a good idea to regularly change your passwords, it’s an especially smart idea in light of news that WordPress is under a significant attack. The brute-force dictionary-based attack is an attempt to find passwords for the “admin” accounts that WordPress creates by default, according to TechCrunch.

HostGator, which, along with CloudFlare, first broke news of the attack, believes that about 90,000 IP addresses are currently involved.

“As for the scope of the attack, [CloudFlare CEO Matthew] Prince says that CloudFlare saw attacks on virtually every WordPress site on its network.”

How To Protect Your WordPress Site From Attack

There are several things you can do to help protect your WordPress site from the attack—and we recommend doing them immediately.

Change Your Password

Even if you’ve recently changed your password, change it again—and, please, make it difficult. Use random letters, numbers and symbols to create a combination that’s hard to guess or hack.

Change Your User Name

This attack is specifically targeting accounts with the “admin” user name, so if you haven’t changed this default setting, do it now. Change it to your name, your company’s name—anything other than admin will add an extra layer of protection to your site.

Install A Plugin

Want to add an additional layer of security to your site or blog? Consider installing a WordPress plugin that limits the number of login attempts from the same IP address or network. This isn’t a foolproof method—as TechCrunch points out, many hackers have a large number of IP addresses and/or networks at their disposal. Still, when it comes to security, you can never have too much—and if a plugin gives you some additional peace of mind, we say go for it.

We recommend taking these steps as soon as you can. This initial attack may be stopped at any time, but a scary prediction from the CloudFlare team indicates that this may only be a precursor to a larger event.

“One of the concerns of an attack like this is that the attacker is using a relatively weak botnet of home PCs in order to build a much larger botnet of beefy servers in preparation for a future attack. These larger machines can cause much more damage in DDoS attacks because the servers have large network connections and are capable of generating significant amounts of traffic.”

We’ll be sure to keep you updated on the attack. In the meantime, go change your password and user name…now!

Filed under Featured Articles, Tactics and Tips, Technology news · Tagged with change wordpress user name, change your wordpress passwords, cloudflare, hostgator, limit login wordpress plugins, online security tips, protect wordpress sites, security plugins for wordpress, tech news, wordpress attack, wordpress dictionary-based attack, wordpress news, wordpress safety tips, wordpress security

13 Comments

Posted by DogDaz on April 15, 2013 in Uncategorized

Tags: change wordpress user name, change your wordpress passwords, cloudflare, DogDaz, hostgator, limit login wordpress plugins, lorian lipton, online security tips, postaday, protect wordpress sites, security plugins for wordpress, tech news, wordpress attack, wordpress dictionary-based attack, wordpress news, wordpress safety tips, wordpress security

13 responses to “Hackers Target WordPress Sites: Change Your Passwords NOW”

mollieandalfie

April 15, 2013 at 10:54

Thanks for the info, we had no idea attackers were on the march 🙂 Have a wonderful Monday xxooxx

Mollie and Alfie

LikeLike
- dogdaz
  
  April 15, 2013 at 11:18
  
  You are very welcome. Happy day to you also
  
  LikeLike
catchatcaren

April 15, 2013 at 11:31

just changed my password and am going to install a plug-in thanks!

LikeLike
- dogdaz
  
  April 15, 2013 at 11:51
  
  you’re welcome
  
  LikeLike
Gizmo

April 15, 2013 at 11:41

You know what the problem with all this is? If I change it I have to remember it and then relog in to all my devices where I have it stored…and if you know me at all you know I’ll never get it right…This is very frustrating to me but thanks for sharing the info

LikeLike
- dogdaz
  
  April 15, 2013 at 11:51
  
  same here, but worth it in the end,
  
  LikeLike
barkandchatter

April 15, 2013 at 19:26

Thanks so much for the info!!! I had heard about a couple of days ago, but I so much appreciate the specifics! 🙂

LikeLike
- dogdaz
  
  April 15, 2013 at 22:12
  
  You are very welcome. We have to keep each other safe.
  
  LikeLike
monicastangledweb

April 16, 2013 at 00:09

Thanks for the heads up!

LikeLike
- dogdaz
  
  April 16, 2013 at 06:47
  
  You are welcome
  
  LikeLike
Pingback: Wordpress Security - If You Blog, Read This - The Search Engine Blog
Misty Shores Chesapeakes

April 17, 2013 at 19:58

Thanks for the tip!

LikeLike
- dogdaz
  
  April 17, 2013 at 20:05
  
  You are welcome
  
  LikeLike

LIKE us please!

LIKE us please!
Follow Blog via Email

Enter your email address to follow this blog and receive notifications of new posts by email.

Email Address:

Join 2,339 other subscribers
Recent Posts
Search the Blog
Search
Archives
Archives
Pages
- About
- Angels
- Awards
Blog Stats
- 220,184 hits
Legal Stuff

© Lorian Lipton and DogDaz.com, 2010-2026. Unauthorized use and/or duplication of this material without express and written permission from this blog’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Lorian Lipton and DogDaz.com with appropriate and specific direction to the original content.

DogDaz Zoo