There is currently a significant attack being launched against WordPress based sites. The attackers are attempting to brute force log into the WordPress administrative interface. From what we have seen they are attempting to use the user-id of “admin” and various passwords.

There are several ways to minimize this attack. The simplest way is to simply not use the user-id of “admin” and choose a strong password. The attack also targets a specific WordPress page and it’s possible to limit access to that page via a .htaccess file. If you are on one of our servers with CloudFlare enabled (and you have enabled CloudFlare) the attack is being blocked by their threat system.

If you need any assistance in protecting your site from this attack please open a support ticket.

Leave a Reply