addressalign-toparrow-leftarrow-rightbackbellblockcalendarcameraccwcheckchevron-downchevron-leftchevron-rightchevron-small-downchevron-small-leftchevron-small-rightchevron-small-upchevron-upcircle-with-checkcircle-with-crosscircle-with-pluscontroller-playcrossdots-three-verticaleditemptyheartexporteye-with-lineeyefacebookfolderfullheartglobegmailgooglegroupshelp-with-circleimageimagesinstagramFill 1light-bulblinklocation-pinm-swarmSearchmailmessagesminusmoremuplabelShape 3 + Rectangle 1ShapeoutlookpersonJoin Group on CardStartprice-ribbonprintShapeShapeShapeShapeImported LayersImported LayersImported Layersshieldstartickettrashtriangle-downtriangle-uptwitteruserwarningyahoo

Fwd: [WordPress Security] Large distributed brute force attack on WordPress sites underway

From: Lou Anne M.
Sent on: Monday, February 10, 2014 10:28 AM
FYI everyone!

-- 
Lou Anne McKeefery
(408)[masked]
http://www.Be-Found.net
Untangling The Web So You Can Be Found


-------- Original Message --------
Subject: [WordPress Security] Large distributed brute force attack on WordPress sites underway
Date: Mon, 10 Feb[masked]:43:16 -0500
From: Wordfence <[address removed]>
To: [address removed]


[WordPress Security] Large distributed brute force attack on WordPress sites underway
Dear WordPress Publisher,

If you would like to stop receiving WordPress security alerts and product updates from Wordfence, you can click here.  You subscribed to this list via the Wordfence security plugin for WordPress If you find this alert helpful, please give us a 5 star rating on WordPress.org. 

As of 11am eastern time this morning we are monitoring the largest distributed brute force attack on WordPress installations that we've seen to date. The real-time attack map on www.wordfence.com became so busy that we've had to throttle the amount of traffic we show down to 4% of actual traffic.

A brute force attack is when an attacker tries many times to guess your username password combination by repeatedly sending login attempts. A distributed brute force attack is when an attacker uses a large number of machines spread around the internet to do this in order to circumvent any blocking mechanisms you have in place.

If you're using the free or paid version of Wordfence you should have the option to "Participate in the real-time Wordfence security network" under 'Other options' enabled. This will immediately block any attack originating from an IP address that has attacked other WordPress sites using Wordfence. This is an effective defense against this kind of attack.

We recommend that until this passes you monitor your WordPress websites closely for unusual activity including logins, account creation or changes to the public facing website. 

If you found this alert helpful, please give us a 5 star rating on WordPress.org on the right of the page.

Mark Maunder
Wordfence Creator & Feedjit Inc. CEO.

PS: If you aren't already a member you can subscribe to our WordPress Security and Product Updates mailing list here. You're welcome to republish this email in part or in full provided you mention that the source is www.wordfence.com. If you would like to get Wordfence for your WordPress website, simply go to your "Plugin" menu, click "add new" and search for "wordfence".


Feedjit Inc., 800 Fifth Ave, Suite 4100, Seattle, WA 98104, USA

Unsubscribe | Change Subscriber Options



Our Sponsors

  • WP Site Care

    WORDPRESS SUPPORT YOU CAN TRUST Platinum Financial Sponsor

  • InMotion Hosting

    Web Hosting Choice for your WordPress needs – Blazing fast SSD hosting.

  • lynda.com

    Online technical training courses help you learn critical skills.

People in this
Meetup are also in:

Sign up

Meetup members, Log in

By clicking "Sign up" or "Sign up using Facebook", you confirm that you accept our Terms of Service & Privacy Policy