  1. #1

    WordPress, Joomla, etc., under attack

    WordPress blogs and more under global attack - check your passwords now!
    by Paul Ducklin, Sophos.com
    April 13, 2013

    If you have a web service that supports remote users, you will know that malevolent login attempts are an everyday occurrence.

    Even on my own home-hosted SSH server, listening unassumingly on an IP number on a DSL line, I've seen thousands of login attempts from dozens of different IP numbers in the course of a single day.

    But hosting providers worldwide are reporting that they've been seeing systematic attempts, over the last 48 hours or so, to breach blogs and content management systems (CMSes) at well above average levels.

    The primary target seems to be WordPress, with Joomla users also reportedly getting a bit of a hammering.

    Word from the anti-DDoS world is that a botnet is responsible, with estimates of "up to 90,000," "more than tens of thousands," and "up to 100,000" infected computers (all those figures can be true at the same time, of course) orchestrating the felonious login attempts.

    Since it would take too long to try every possible username and password on every known WordPress or Joomla server, this onslaught is using what is known as a dictionary attack.

    That's where a crook settles on a list of the most likely usernames and passwords, and tries those in quick succession.

    The idea is simple: automate the password guessing, speed up the attack, and don't spend too long on any individual site.

    Look for the low-hanging fruit, and harvest it as quickly as you can; if you can't get in within a few hundred or thousand attempts, move on to the next potential victim.

    It's doorknob rattling, but on an industrial and international scale.


    Read more...

  2. #2

    Re: WordPress, Joomla, etc., under attack

    I have taken a few steps to further protect my clients' WordPress sites (including my own):

    1. Get everyone on CloudFlare (they offer a free service!)
    2. Install the "limit attempted logins" plugin
    3. Install an old plugin I had that creates a captcha system on the WordPress login page

    Also, as a standard practice I have always used a very uncommon username and a strong password for the login page. As the article states, avoid usernames like "admin" or "test." I usually use the business owner's name as the username: John Smith.

    Travis Van Slooten
    TVS Internet Marketing: Helping Small Businesses Increase Their Visibility & Sales Online.
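
An added example, not part of either post or the quoted article: detection logic for the dictionary attack described above, run over web server access log lines. The log lines, thresholds and function names are assumptions constructed for illustration; it flags both a single noisy address and the botnet pattern in which many addresses each make only a few guesses.

```python
import re
from collections import Counter
from datetime import datetime, timedelta

# Login endpoints of the two CMSes named in the article (default paths).
LOGIN_PATHS = ("/wp-login.php", "/administrator/index.php")
LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+)')

def login_posts(lines):
    """Yield (timestamp, ip) for every POST to a CMS login endpoint."""
    for line in lines:
        m = LINE_RE.match(line)
        if m and m["method"] == "POST" and m["path"].split("?", 1)[0] in LOGIN_PATHS:
            yield datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z"), m["ip"]

def detect(lines, window=timedelta(minutes=5), per_ip_limit=5,
           site_limit=20, min_sources=10):
    """Return (noisy_ips, distributed).

    noisy_ips: sources exceeding per_ip_limit login POSTs inside one window.
    distributed: True if the site as a whole saw more than site_limit login
    POSTs from at least min_sources addresses inside one window, which a
    per-IP limit alone misses. All thresholds are illustrative assumptions.
    """
    events = sorted(login_posts(lines))
    noisy, distributed, start = set(), False, 0
    for end, (ts, ip) in enumerate(events):
        while events[start][0] < ts - window:  # slide the window forward
            start += 1
        per_ip = Counter(src for _, src in events[start:end + 1])
        if per_ip[ip] > per_ip_limit:
            noisy.add(ip)
        if end - start + 1 > site_limit and len(per_ip) >= min_sources:
            distributed = True
    return noisy, distributed

def sample_log():
    """Constructed log lines using documentation IP ranges, not real traffic."""
    fmt = '{} - - [13/Apr/2013:10:{:02d}:{:02d} +0000] "{} HTTP/1.1" 200 512'
    lines = [fmt.format("192.0.2.10", 0, 1, "GET /index.php")]
    # One host hammering the login form: 8 POSTs in 40 seconds.
    lines += [fmt.format("198.51.100.7", 20, i * 5, "POST /wp-login.php") for i in range(8)]
    # Botnet pattern: 30 hosts, one guess each, inside 30 seconds.
    lines += [fmt.format(f"203.0.113.{i}", 0, i, "POST /wp-login.php") for i in range(1, 31)]
    return lines

if __name__ == "__main__":
    noisy, distributed = detect(sample_log())
    print("noisy sources:", sorted(noisy))
    print("distributed guessing seen:", distributed)
```

In the sample, none of the 30 botnet addresses crosses the per-IP limit, so only the site-wide count reveals them.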
