How to Protect Your Website During the On-Going Global Attack on WordPress
As you may have heard, WordPress, the open source blogging tool, is experiencing an ongoing and highly distributed global attack on its installations. This attack is happening across all hosting providers, including us. It is well-organized and so far over 90,000 IP addresses have been involved.
If you have a WordPress site, whether it is hosted with us or not, we recommend you take the following steps to protect your site:
1. Update your WordPress installation if you use version 3.5 to 3.5.1
2. Upgrade your WordPress installation if you use version 0.71-gold to 3.4.2
3. Install WordPress's security plugin
4. Change your admin password and ensure you're new password is secure
Those responsible for the attack are attempting to log in to WordPress installations using a list of the most commonly used username and password combinations, so a secure password is a must. A secure password should use both uppercase and lowercase letters, numbers, symbols, and be at least 15 characters long. Make sure your new password is not similar to your old password and does not include your name or login.
Post by Robyn Norgan