Jump to content
MDDHosting Forums

Distributed wp-login.php Attack affecting Echo and Boreas, Blocks put in place.

Recommended Posts



Since WordPress is such a large target it seems this sort of attack is going to become more common. Directions on avoiding becoming a target of this attack can be seen in this thread:

WordPress Brute Force attacks and wp-login.php. If you're running WordPress it's important that you view this topic.

Here you can see the impact on Idle CPU and server load:



As you can see this had a major impact on these servers with the load going up to ~70 on one server and ~43 on the other and Idle CPU dropping down to 3~4% on both. The quick dips in the load after it's risen and the quick rise of Idle CPU to normal are us putting blocks in place only on the accounts that were under attack.


We do not like putting blocks in place or modifying user content [as required to put this block in place] but the Idle CPU and Load Graphs make it clear that action was required.


If you have any questions about this at all, let us know.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...