SangFroid Web, LLC

Alpharetta & Atlanta Web Design for Business Owners and Solo Professionals

by

Skull and crossbones on a computer key representing stupid hackers. Brute Force Attacks on WordPress and Joomla Login Pages This Week

Over the past several days, many web hosts are reporting a sharp increase of brute-force attacks on their systems, including our hosting.

These attacks attempt to gain access to customer accounts that have weak passwords. While it's bad enough if an outsider is able to gain access to your site, this type of attack also wreaks havoc on hosting servers by overloading them with requests and causing them to function slowly or not at all for periods of time.

While these attacks are nothing new, this current wave is apparently sophisticated and very large in scope. If you are using our hosting or Godaddy hosting, the security measures being put in place to address this are causing some customers have  difficulty accessing the admin pages for WordPress. Some sites may also have had intermittently unresponsive sites because of the attacks.

What the Hosting Company is Doing

The hosting security team continues to identify these attacks, down to the IP address, and block anything that looks malicious. Additionally, they have installed new features on every single one of their thousands of servers to block these bad guys more quickly.

What You Can Do

Regardless of whether you use WordPress or Joomla! for your website, this worldwide attack could affect you. That’s why it’s imperative that you use strong passwords.

We all know that “password” or "secret" is not a stellar password, but neither are dictionary words, your dog’s name, or the name of the street you live on. Attackers have lists of dictionary words and common passwords, and use those lists in attacks like we’re experiencing.

What Does a Sophisticated Password Look Like?

The tougher and more sophisticated your password, the more difficult it will be for an attacker to gain access. Given the reported scale and sophistication of this week's attacks, we recommend that each and every one of you login to WordPress and change your password to something very strong. More information on creating a strong password »

Please remember, if you use the same password for your hosting that you do for your bank account, an attacker could compromise much more than your website. Make sure your passwords are unique for all your accounts.

If you are currently being affected by this attack, thank you for your patience while the hosting companies deal with attackers. Hang tight...This too shall pass. 🙂

WordPress Care Plans - Keeping Your Site Safe

FREE Guide: 5 Essentials for Keeping Your Website Safe

Are you keeping your WordPress website safe? Download our guide to understand how to evaluate the success of your website, plus tips that will help you make improvements today!
!
!
Send Me My Free Guide!
Something went wrong. Please check your entries and try again.
Category: , , ,
Avatar for Liz Eisworth

About Liz Eisworth

As owner and lead designer, I specialize in CSS and HTML(5), creating web design and content strategies for businesses, and optimizing websites for SEO. I built my first website for a business in 2003 and my first WordPress website in 2006. I read a lot and like to write on our digital marketing blog about what I’m learning. Learn more about Liz »