Michael D. Posted May 9, 2014 Report Share Posted May 9, 2014 Hello, Since WordPress is such a large target it seems this sort of attack is going to become more common. Directions on avoiding becoming a target of this attack can be seen in this thread:WordPress Brute Force attacks and wp-login.php. If you're running WordPress it's important that you view this topic.Here you can see the impact on Idle CPU and server load:http://www.screen-shot.net/2014-05-09_03-59-54.png As you can see this had a major impact on these servers with the load going up to ~70 on one server and ~43 on the other and Idle CPU dropping down to 3~4% on both. The quick dips in the load after it's risen and the quick rise of Idle CPU to normal are us putting blocks in place only on the accounts that were under attack. Only affected accounts had the block put in place.It is fully possible for the webmaster/account holder to modify/remove the block although we suggest only doing so if you plan to somehow protect the wp-login.phpFull directions on the block and how to add your IP or remove the block can be seen here: http://forums.mddhosting.com/topic/979-wordpress-wp-login-brute-force-kobold-server-update-boreas-and-jasmine/?p=4896We do not like putting blocks in place or modifying user content [as required to put this block in place] but the Idle CPU and Load Graphs make it clear that action was required. If you have any questions about this at all, let us know. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.