Kicking WordPress into submission and learning to tweak virtual machines

Kicking WordPress into submissionOnce more I go deep down troubled waters and remain a bit away from everything interesting…

Well, at least the interesting things about Second Life® and OpenSimulator, of course 🙂

In fact, in my spare time — which is pretty much the little time I can afford to spend away from my academic research — I had to deal with the infamous WordPress Distributed-Denial-of-Service (DDoS). You might think it’s over, but no. Just yesterday, a newly-installed WP blog which was moved from a different server got hit with a gazillion requests, in a brute-force attempt to get the ‘admin’ password. All of them failed, and the WP backend didn’t even register much traffic, but the huge spike on traffic got the security team insanely worried about WordPress — since it was the only WordPress-enabled website on a rather large server.

The botnet doing these attacks cares little. Once they suspect there’s a WordPress blog hosted on the server, they will pretty much attack everything there, no matter what application/technology it’s using. Putting everything behind CloudFlare helps (and almost all sites were already protected), but it’s no guarantee that the crackers will leave you in peace. So, now you know, if you have neglected your website lately, take good care — the botnet is still around and still doing a lot of harm.

| | | Next → |
%d bloggers like this: