We will be emailing a similar notice soon regarding WordPress and massive botnet attacks to brute for the admin pages of any wordpress installations.
If you are unable to login to your wordpress site or getting a forbidden error, please email technical support for assistance and applying a workaround.
While the issue is lesser on weekends, but when week starts again, botnets will be slamming sites again with brute force. Make sure admin passwords are not a word, totally random, and long over 14 chars with upper, lower cases, symbols and numbers all. In addition wp-login should be disabled/not used and use our solution workaround instead. Over 150,000 IPs have bee behind these attacks and it is nearly impossible to block except to block wordpress login page entirely. Working on this many IPs would either block innocents by ranges, or overwhelm normal firewalls, while the web server itself can stop the loading very quickly.
If these pages are not blocked and the bot nets attack, not only will the admin pages not work, but the entire server slows to a crawl and the MySQL servers also cease to work for Wordpress and other sites due to the sheer amount of connections.
Thank you for your patience and understanding to stop these attacks and bring servers back to a working order, these changes are required.
Due to the fact that these botnets were targeting the wordpress administrator logins we do recommend changing passwords if yours was not totally random and complex. Otherwise your own domain may become part of the botnet that was being used to attack our servers (and in turn your own domain).
Again this is/was a global attack and not just on our servers, but across the internet as a whole.
Regards,
JodoHost Customer Service
If you are unable to login to your wordpress site or getting a forbidden error, please email technical support for assistance and applying a workaround.
While the issue is lesser on weekends, but when week starts again, botnets will be slamming sites again with brute force. Make sure admin passwords are not a word, totally random, and long over 14 chars with upper, lower cases, symbols and numbers all. In addition wp-login should be disabled/not used and use our solution workaround instead. Over 150,000 IPs have bee behind these attacks and it is nearly impossible to block except to block wordpress login page entirely. Working on this many IPs would either block innocents by ranges, or overwhelm normal firewalls, while the web server itself can stop the loading very quickly.
If these pages are not blocked and the bot nets attack, not only will the admin pages not work, but the entire server slows to a crawl and the MySQL servers also cease to work for Wordpress and other sites due to the sheer amount of connections.
Thank you for your patience and understanding to stop these attacks and bring servers back to a working order, these changes are required.
Due to the fact that these botnets were targeting the wordpress administrator logins we do recommend changing passwords if yours was not totally random and complex. Otherwise your own domain may become part of the botnet that was being used to attack our servers (and in turn your own domain).
Again this is/was a global attack and not just on our servers, but across the internet as a whole.
Regards,
JodoHost Customer Service