WordPress hit by major DDoS attacks
One of the most popular content management systems on the web, WordPress, has been hit with a major distributed denial-of-services (DDoS) attack, focusing on blogs with weak admin credentials. Those with WordPress blogs and websites are being strongly encouraged to update their passwords in order to help protect their sites.
Approximately 90,000 servers are being used to issue a brute-force attack on the WordPress servers, in an attempt to try and guess administrator passwords. Key ways to tell if your site has been affected is if you are unable to log in, your site is significantly slower, or your site goes down completely.
Admin’s are being encouraged to change their passwords to have the following characteristics:
- be at least 8 characters in length
- include numbers, letters and special characters
- include upper and lower-case letters
If your site is at risk, your host provider should have emailed you with information and steps on what you can do to protect your site.