This week has been a busy one here at the JamJo HQ. WordPress has been the target of a global brute-force attack. Sites across the world are being affected. Even major news agencies such as the BBC are covering it (http://www.bbc.co.uk/news/technology-22152296). The BBC actually explains the attack quite well. So what is your hosting company doing about it? Well, here at JamJo we take security very seriously, and we try to prevent these attacks from affecting our network as much as possible. Most hosts tend to rely on their firewalls and do not focus on the hosted application itself, WordPress in this case.
The founder of WordPress, Matt Mullenweg, has confirmed that plugins should NOT be used in this situation: Most other advice isn’t great — supposedly this botnet has over 90,000 IP addresses, so an IP limiting or login throttling plugin isn’t going to be great and in fact may bring down your server if pointed at your website.
We have updated the .htaccess files of all clients who have hosting plans with us in order to stop direct automated attempts to gain access. However, not even this will mean total protection, so we have taken a number of other actions to strengthen security on all websites. We have also increased backups to our Amazon S3 service so that any potentially hacked website can be restored quickly.
What all WordPress site owners need to do right now on all sites:
1. Immediately change your passwords to the WordPress admin area, FTP, and any control panels
2. Your password should be very strong: over 15 characters, and it MUST have all of: uppercase and lowercase letters, numbers, and special characters.
3. Scan your computer for viruses, keyloggers, rootkits, and botnet software
4. Update WordPress and all plugins to the latest versions (JamJo takes care of this for you)
We are currently monitoring all websites and blocking any IP range that is trying to automate a login to any website. Please contact us if you find anything strange on your website. All sites currently seem to be clean of any malware, as we run regular checks for this each day. Typically, keeping your website and all plugins up to date and maintaining strong password and username controls can protect against all these types of attacks. This is why we have created this managed website hosting solution solely for WordPress.
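The following is an added example, not JamJo's own tooling: it counts POSTs to wp-login.php in a web access log per IP, per /24 range and for the whole site, showing why per-IP throttling sees nothing when a botnet spreads its attempts across many addresses while range and site-wide counts still flag the attack. The combined log format, the thresholds and the sample addresses are assumptions, and the log lines are constructed.

```python
import re
from collections import Counter
from ipaddress import ip_network

# Apache/nginx "combined" log format (assumed): client IP, request line, status.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3})')

def login_posts(lines):
    """Yield the client IP of every POST to wp-login.php."""
    for line in lines:
        m = LOG_RE.match(line)
        if m and m.group(2) == "POST" and m.group(3).split("?")[0].endswith("/wp-login.php"):
            yield m.group(1)

def analyse(lines, per_ip_limit=5, per_range_limit=10, site_limit=50):
    """Count login POSTs per IP, per /24 range and for the whole site.

    The limits are assumed values for one log window; tune them per site.
    """
    per_ip = Counter(login_posts(lines))
    per_range = Counter()
    for ip, n in per_ip.items():
        per_range[str(ip_network(f"{ip}/24", strict=False))] += n
    total = sum(per_ip.values())
    return {
        "total": total,
        "noisy_ips": sorted(ip for ip, n in per_ip.items() if n > per_ip_limit),
        "noisy_ranges": sorted(r for r, n in per_range.items() if n > per_range_limit),
        "site_under_attack": total > site_limit,
    }

def sample_log():
    """Constructed log window: 60 bots with 2 attempts each, plus one real login."""
    ts = "[13/Apr/2013:10:00:00 +0000]"
    lines = []
    for i in range(60):
        # 40 bots scattered over unrelated ranges, 20 inside 198.51.100.0/24
        ip = f"10.0.{i}.7" if i < 40 else f"198.51.100.{i}"
        lines += [f'{ip} - - {ts} "POST /wp-login.php HTTP/1.1" 200 3500 "-" "-"'] * 2
    lines.append(f'192.0.2.10 - - {ts} "POST /wp-login.php HTTP/1.1" 302 0 "-" "-"')
    lines.append(f'192.0.2.10 - - {ts} "GET /wp-admin/ HTTP/1.1" 200 9000 "-" "-"')
    return lines

if __name__ == "__main__":
    print(analyse(sample_log()))
```

On the constructed sample no single IP exceeds the per-IP limit, yet the site-wide count and one /24 range do, which is the case where range blocking and server-level rules matter more than a throttling plugin.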