Archive for 'Server Outages'

WordPress Under Attack

WordPress Under Attack

For the last few days we (any most other web hosts) have been seeing a coordinated brute force attack on WordPress installs.  A brute force attack is a method used by hackers trying many different password and credential combinations in rapid succession in an attempt to obtain your login information.

Initially the attacks were coming from single IP addresses that could be blocked.  The initial attacks caused high load, but were successfully fended off.   The attack has evolved into a distributed brute force attempt, where random IP addresses are being used.  Since the attack is now random we cannot simply block an IP address that is repeatedly trying to login.   To keep your site safe, we have temporarily disabled WordPress login capabilities for the affected web sites.  If you end up with a “Access denied” message when trying to log into your WordPress site, then your site is affected.   We are working on alternate methods to mitigate the attack.

If you need immediate access to your WordPress install, send us an email with your current IP address and the URL of your WordPress site and we can open a spot for you.


Update 4/12/13 2:00PM EST:

The attack has lessened in intensity but is still continuing.  For now we are keeping many WordPress installs locked down to protect your sites and passwords as it is the best way to keep things safe.  As before,  if you need immediate access to your WordPress install, send us an email with your current IP address and the URL of your WordPress site and we can open a spot for you.  We will continue to update this post as the situation develops.


Update 4/12/13 2:30PM EST:

The 1st news articles are beginning to break regarding this attack.


Update 4/12/13 7:30PM EST:

WordPress logins have been re-enabled.  We are monitoring and will post an update here if the situation changes.  In the meantime, everyone using a WordPress install should perform these 2 steps:

  1. Make sure you are using a strong password.  You can generate strong passwords here for free.
  2. Hide your wp-admin by following the guide here.  Note you should pick something unique for your login URL.

Posted in: Server Outages

Leave a Comment (0) →

GoDaddy takes down GoDaddy

GoDaddy takes down GoDaddy

According to this story, and from our own tests, GoDaddy is down, and has been down for hours now.   This is affecting millions of sites and countless more email addresses.  If you can’t send email to someone with GoDaddy as a host, you will just need to wait it out for now.  We truly feel for the poor souls at GoDaddy customer support and all of those affected.

Perhaps folks will learn a lesson from this as well.  Is saving a dollar or so per month really worth the hassle of using a bargain host?  Not only do you lose performance and  top notch support, you also get hit by attacks like this one.  If you are reading this and are affected by this outage feel free to contact us here.  We will get you up and running very quickly.


Turns out it was internal problem and not an attack.  Updated title appropriately.

Posted in: Server Outages

Leave a Comment (0) →