Posted on by

Yes, there is really a WordPress attack happening right now

wordpress logoAt about noon today I installed the Limit Logon Attempts WordPress plugin due to the recent reports of a major bot net attack on WordPress sites going on. Since then I’ve received the following reports:

1:18pm
3 failed login attempts (1 lockout(s)) from IP: 94.242.237.133
Last user attempted: admin
IP was blocked for 20 minutes

1:43pm
3 failed login attempts (1 lockout(s)) from IP: 66.85.172.250
Last user attempted: admin
IP was blocked for 20 minutes

2:22pm
6 failed login attempts (2 lockout(s)) from IP: 94.242.237.133
Last user attempted: admin
IP was blocked for 24 hours

3:43pm
3 failed login attempts (1 lockout(s)) from IP: 94.199.51.8
Last user attempted: admin
IP was blocked for 30 minutes

4:05pm
6 failed login attempts (2 lockout(s)) from IP: 66.85.172.250
Last user attempted: admin
IP was blocked for 24 hours

Yes folks, this attack is happening! Step one: DO NOT have ‘admin’ or ‘administrator’ as usernames. Ste 2: Install the a fore mentioned plugin.

And here’s the official advice from WordPress:

Here’s what I would recommend: If you still use “admin” as a username on your blog,change it, use a strong password, if you’re on WP.com turn on two-factor authentication, and of course make sure you’re up-to-date on the latest version of WordPress. Do this and you’ll be ahead of 99% of sites out there and probably never have a problem.

Published by Michael Sauers

Michael Sauers is currently the Director of Technology for Do Space in Omaha, NE. Michael has been training librarians in technology for the past twenty years and has also been a public library trustee, a bookstore manager for a library friends group, a reference librarian, serials cataloger, technology consultant, and bookseller since earning his MLS in 1995 from the University at Albany’s School of Information Science and Policy. Michael has also written dozens of articles for various journals and magazines and his fourteenth book, Emerging Technologies: A Primer for Librarians (w/ Jennifer Koerber) was published in May 2015 and more books are on the way. In his spare time he blogs at travelinlibrarian.info, runs The Collector’s Guide to Dean Koontz Web site, takes many, many photos, and typically reads more than 100 books a year.

3 Replies to “Yes, there is really a WordPress attack happening right now”

  2. Pingback: WordPress Brute Force Attacks - pafa.net – pafa.net

  3. Thanks for the post. Several websites by me (wordpress blogs) also got attacked from the IP **.199.51.8, and not only once. I had already installed the plugins you mentioned, that’s why I saw the attack. But the system is still runiing and the attack did nothing fortunately.
    Greez

Leave a Reply

Your email address will not be published. Required fields are marked *