Important update for customers using WordPress.

April 14, 2013

Massive Brute Force attack using Botnet Targets thousands of WordPress sitesAs you may be aware from recent reports in the press and technology news outlets, there is a currently ongoing large-scale “Denial of Service” attack, by an unknown group or party, against websites running the popular WordPress software. Many of you are running WordPress and will have been affected by this large-scale attack.

The attack involves a large botnet of computers, over 90,000 estimated. These computers are attempting to ‘brute force’ their way into the administration area of WordPress installations using the username ‘admin’ and random passwords. As a result of the attack we are seeing a huge increase in traffic to a large number of WordPress sites on our shared hosting platform. This attack is not unique to ourselves and is affecting almost every hosting provider worldwide.

Many providers have blocked access to the Admin area of WordPress altogether, however we do not want to take this approach as it will also prevent you from administering your own website. Instead, when accessing your WordPress Admin Area you may find that you are prompted for a username and password not previously required. We have sent an e-mail with these details to you.

As soon as normal service is resumed, this prompt will be removed and the above credentials will no longer be required. We appreciate your patience during this time. We will be posted regular updates on our system status page, which is available from the customer area of our website.