Hackers Having a Field Day In WordPress

There’s a group of hackers running amok with WordPress and Joomla.

Why do hackers hack?

Damn good question, and there are a few reasons. Sometimes it’s to install a link or a script into your website that points to a website of theirs; other times it seems they do it simply because they can.

Why are they targeting WordPress? (and Joomla, another Content Management System)

Because most web designers make it too easy and go with the default login username ‘admin’. That’s half the login hack already done for them. We NEVER set up sites with admin as the username. And our clients are well used to our rather cryptic passwords; apologies for that, however it’s to protect you and your business.

These requirements are fairly typical of a secure password: upper and lowercase letters, at least eight characters long, and including “special” characters (^%$#&@*). We generally go 15 to 18 characters long; call me paranoid, but better to be safe I reckon.

So how are they doing the hacking?

It’s called a ‘brute force’ attack. What that means is the hackers are systematically and methodically trying password after password until they guess yours, so they can gain control of your sites.

The main force of this attack began last week, then slightly died off, before picking back up again. No one knows when it will end. The symptoms of this attack are a very slow backend on your WordPress site, or an inability to log in. In some instances your site could even intermittently go down for short periods.

Again, this is a global issue affecting all web hosts. Any further information we could provide at this moment would be purely speculation. Our hope is that this attack ends soon, but it is a reminder that we must all take account security very seriously.
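As an added illustration (not from the original post), here is a small detection script a host could run over web-server access logs to spot this kind of login flood: it counts failed POSTs to wp-login.php per client inside a sliding time window. It assumes Apache/nginx combined log format and stock WordPress behaviour, where a failed login re-renders the form with HTTP 200 while a successful one redirects with 302; the log lines below are constructed samples.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Apache/nginx "combined" access-log line (log format assumed, not from the post).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"
# Constructed sample log: one client hammering wp-login.php, one normal login.
SAMPLE_LOG = """\
203.0.113.7 - - [11/Apr/2013:10:00:01 +0000] "POST /wp-login.php HTTP/1.1" 200 3415
203.0.113.7 - - [11/Apr/2013:10:00:02 +0000] "POST /wp-login.php HTTP/1.1" 200 3415
203.0.113.7 - - [11/Apr/2013:10:00:02 +0000] "POST /wp-login.php HTTP/1.1" 200 3415
203.0.113.7 - - [11/Apr/2013:10:00:03 +0000] "POST /wp-login.php HTTP/1.1" 200 3415
203.0.113.7 - - [11/Apr/2013:10:00:04 +0000] "POST /wp-login.php HTTP/1.1" 200 3415
203.0.113.7 - - [11/Apr/2013:10:00:05 +0000] "POST /wp-login.php HTTP/1.1" 200 3415
198.51.100.4 - - [11/Apr/2013:10:00:03 +0000] "GET /wp-login.php HTTP/1.1" 200 2211
198.51.100.4 - - [11/Apr/2013:10:00:09 +0000] "POST /wp-login.php HTTP/1.1" 302 0
"""

def parse(line):
    """Return (ip, timestamp, method, path-without-query, status), or None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    return (m["ip"], datetime.strptime(m["ts"], TS_FMT),
            m["method"], m["path"].split("?")[0], int(m["status"]))

def find_login_floods(lines, threshold=5, window=timedelta(seconds=60)):
    """Return {ip: total_failed_posts} for clients with at least `threshold`
    failed wp-login.php POSTs inside any sliding `window`. Stock WordPress
    re-renders the form with HTTP 200 on failure and redirects (302) on success."""
    failures = defaultdict(list)
    for line in lines:
        rec = parse(line)
        if rec and rec[2] == "POST" and rec[3].endswith("/wp-login.php") and rec[4] == 200:
            failures[rec[0]].append(rec[1])
    flagged = {}
    for ip, times in failures.items():
        times.sort()
        start = 0
        for end, t in enumerate(times):
            while t - times[start] > window:  # slide the window's left edge forward
                start += 1
            if end - start + 1 >= threshold:
                flagged[ip] = len(times)
                break
    return flagged
```

A flagged client is a candidate for the rate limiting or temporary lockout discussed in the comments below, rather than an automatic ban, since shared NAT addresses can also produce bursts of legitimate logins.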

We still recommend WordPress of course (it now accounts for about 18% of the world’s websites). What brought this attack on was simply bad online practices, so it is not endemic to WordPress. That’s why we’re viewed as one of Australia’s top WordPress Website Builders – go Smarter 😎

Here are some good reads on this:

http://blog.crocodilemarketing.com/bid/284184/Hackers-Use-Botnet-Attack-at-WordPress-Sites
http://support.hostgator.com/articles/specialized-help/technical/wordpress/wordpress-login-brute-force-attack
http://tehranchronicle.com/netizens-experiencing-difficulties-with-godaddy-web-hosting-service/1180/
http://www.informationweek.com/security/attacks/wordpress-hackers-exploit-username-admin/240152864

We’ve been monitoring our servers and your website very closely, so please do not worry. All is well in the land of Smarter Hosting. If you have any concerns ring the office on 08 9439 2820.

Share this if you want to make others aware.

About Peter B Butler

Passionate with serial ‘hobbyist’ tendencies. Love WordPress & software 'toys'. Raving 70's Jap Bike collector. By day we convert dead dormant websites into profitable sites, hence ‘Smarter Websites’ - making them 'work', one at a time if necessary. On target for world domination, albeit our part of the world...

Comments

  1. The easiest way to stop brute force attacks is to cripple logging in multiple times incorrectly. On mainframes 3 times were given and then the access revoked for that user. A more modern method is to increase the time before a new attempt at logging in is allowed. The time increases with each unsuccessful attempt.
    Admittedly you get to use what you have, but I don’t see the real issue as using ‘admin’. It’s more the lack of smarts by the designers of Joomla and WordPress in stopping brute force attacks, and users should be requesting better security from the developers of these apps.

  2. Thanks for that response Steve. I’m not personally qualified to respond, that’s why God made ‘Techies’. My point in this post is to simply say that it’s occurring and having an alternative to ‘admin’ as a username would be a good move.

    Interesting to note that in one of the articles linked in this post, Go Daddy actually shut admin access down for a period.

  3. Found this article too, Steve, which goes into a bit more detail – http://ithemes.com/2013/04/15/ongoing-wordpress-attacks-details-and-solutions/
