Global WordPress brute force attack

The last few days there is an on-going and highly-distributed, global attack on WordPress installations across virtually every web host in existence.  This attack is well organized and distributed.

http://blog.hostgator.com/2013/04/11/global-wordpress-brute-force-flood/

http://blog.cloudflare.com/patching-the-internet-fixing-the-wordpress-br

To protect your blog,

  1. remove default admin account and create a new one with a different username
  2. change your administrator password
  3. install a captcha plugin

How to select a secure password from WordPress

%d bloggers like this: