23 aug

WordPress sites vulnerable to brute-force attack

Sites around the world based on WordPress, one of the most successful Open Source CMSes, are currently experiencing abuse in the form of a bruteforce attack on the login page.

This attack consists of an overload of login attempts on the site, thereby slowing down or even disabling the site under attack.

In order to prevent your site from becoming unavailable we strongly advise you to pay attention to good security measures such as keeping up with WordPress updates as well as theme updates and plugin updates.

Besides keeping up with updates, we also advise you to look into additional measures for improving security, such as deploying a plugin like Better WordPress Security, which can be found at http://wordpress.org/plugins/better-wp-security/.

A temporary measure that reduces the risk straight away is to limit the addresses from which the login page can be reached to only your own IP address or addresses.

For setups using the Apache web server, edit the file .htaccess, which can be found in the root folder of the WordPress install, and add the following lines:

# Only the address(es) listed in the Allow line(s) may reach the login page
<Files ~ "^wp-login.php">
Order Deny,Allow
Deny from all
Allow from 172.16.12.1
</Files>

The line 'Allow from 172.16.12.1' specifies the address that is allowed to reach the login page; all other addresses are denied access. Multiple Allow lines are permitted, one for each address you wish to grant access.

Please note: Replace the IP-address in the above example with your own when copying these lines.

If you're unsure what your current IP-address is please visit http://www.whatismyipaddress.com/. This page will show you your current IP-address.
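The following shell script is an added example and not part of the original notice. It serves two of the points above: it generates the .htaccess restriction for one or more allowed addresses (in the Apache 2.2 syntax shown in the notice and, as an addition, the equivalent Apache 2.4 "Require" syntax, since on 2.4 the Order/Allow/Deny directives only work when mod_access_compat is loaded), and it counts POST requests to wp-login.php per client address in access-log lines, which is how the login flood described at the top of the notice shows up in the logs. The function names, the addresses and the log lines are constructed sample data.

```shell
#!/bin/sh
# Added example, not from the original notice.
#  1. gen_login_htaccess: emit a <Files> block that restricts wp-login.php to
#     the given addresses. The first branch is the Apache 2.2 syntax from the
#     notice; the second is the Apache 2.4 equivalent (Order/Allow/Deny needs
#     mod_access_compat on 2.4, so both are wrapped in <IfModule>).
#  2. count_login_posts: count POST requests to wp-login.php per client IP in
#     combined-format access log lines, busiest client first.
# All addresses and log lines below are constructed sample data.

gen_login_htaccess() {
    # Usage: gen_login_htaccess IP [IP ...]
    [ "$#" -ge 1 ] || { echo "usage: gen_login_htaccess IP [IP ...]" >&2; return 1; }
    echo '<Files "wp-login.php">'
    echo '  # Apache 2.2 (or 2.4 with mod_access_compat loaded)'
    echo '  <IfModule !mod_authz_core.c>'
    echo '    Order Deny,Allow'
    echo '    Deny from all'
    for ip in "$@"; do
        echo "    Allow from $ip"
    done
    echo '  </IfModule>'
    echo '  # Apache 2.4: deny unless one of the Require ip lines matches'
    echo '  <IfModule mod_authz_core.c>'
    echo '    <RequireAny>'
    for ip in "$@"; do
        echo "      Require ip $ip"
    done
    echo '    </RequireAny>'
    echo '  </IfModule>'
    echo '</Files>'
}

count_login_posts() {
    # Reads Apache combined-format lines on stdin and prints "<count> <ip>"
    # for every client that sent a POST to wp-login.php, highest count first.
    # In the combined format field 6 is the quoted method ("POST) and field 7
    # is the request path.
    awk '$6 == "\"POST" && $7 ~ /\/wp-login\.php/ { n[$1]++ }
         END { for (ip in n) print n[ip], ip }' | sort -rn
}

# Constructed sample log: one client hammering the login page, one normal
# login, and one plain GET of the login form (not counted).
SAMPLE_LOG='203.0.113.5 - - [23/Aug/2013:10:00:01 +0200] "POST /wp-login.php HTTP/1.1" 200 3521 "-" "Mozilla/5.0"
203.0.113.5 - - [23/Aug/2013:10:00:02 +0200] "POST /wp-login.php HTTP/1.1" 200 3521 "-" "Mozilla/5.0"
203.0.113.5 - - [23/Aug/2013:10:00:02 +0200] "POST /wp-login.php HTTP/1.1" 200 3521 "-" "Mozilla/5.0"
203.0.113.5 - - [23/Aug/2013:10:00:03 +0200] "POST /wp-login.php HTTP/1.1" 200 3521 "-" "Mozilla/5.0"
198.51.100.7 - - [23/Aug/2013:10:00:05 +0200] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
198.51.100.7 - - [23/Aug/2013:10:00:06 +0200] "GET /wp-admin/ HTTP/1.1" 200 8120 "-" "Mozilla/5.0"
192.0.2.9 - - [23/Aug/2013:10:00:07 +0200] "GET /wp-login.php HTTP/1.1" 200 3521 "-" "Mozilla/5.0"'

# Demonstration: restriction for two sample addresses, then the log summary.
gen_login_htaccess 172.16.12.1 172.16.12.2
echo
printf '%s\n' "$SAMPLE_LOG" | count_login_posts
```

Run it as `sh script.sh`; redirect the output of gen_login_htaccess into the .htaccess in the WordPress root folder, replacing the sample addresses with your own. The log summary prints `4 203.0.113.5` first, which is the client to look at when the site is slowing down under the login flood.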

If you have any questions regarding this posting or would like additional support from us, please send an e-mail to [email protected].