As you may already be aware, the brute force attack on WordPress, one of the most popular CMSs worldwide, is still in progress and has reached worldwide scale. The consequences of this attack are seen not only by our company but by basically any company that provides hosting for WordPress sites. As a rule, we are able to address or filter similar attacks without much trouble, but the current situation is different in scale and in the level of resources invested into it.
At the moment, we have taken a large number of measures to mitigate the results of this attack, but the situation is worsened by several facts:
1) first of all, the attack is launched from spoofed IP addresses, and blocking these IPs doesn’t have any long-term effect;
2) the attack’s algorithm is extremely sophisticated and is constantly evolving: all our attempts to reduce the consequences of the attack that were functional an hour ago are reduced in effect by each new evolution and change in the attack’s pattern;
3) the number of compromised websites grows with each day (mainly websites with weak or default passwords and login credentials); malicious scripts are uploaded to these sites, and these scripts cause heightened network activity and system resource consumption, which affects the function and speed of all services on a hosting server.
We are constantly monitoring the current situation and implementing the necessary countermeasures to proactively deny the attackers the opportunity to compromise the WordPress installations located on our servers, but we’d like to ask you to be patient with us during this difficult situation.