If you are a website client with James Publishing, nine times out of ten this means your site is built in an application called WordPress. You may or may not know this, but earlier this month a DDoS(distributed denial-of-service) attack that uses a massive amount of computers from all over the Internet began hitting more than 90,000IP (Internet Protocol) addresses that run the WordPress application.
The culprits behind the attack are still unknown at this time due to them using “spoofed” IP addresses preventing them from being traced. It is assumed that these networks of hackers are on a global level and using many computers that are already infected unbeknownst to the owner/user. The attack uses a “brute force” login attempt that hits the admin panel over and over again, eventually bringing the entire server down if the password is not “guessed.” By default, WordPress uses ‘admin’ as the username. In most cases, this user name is rarely changed so it is already putting the hacker’s one step ahead in knowing the user name to the admin panel.
Many hosting providers, including James Publishing were targeted in this attack due to having so many of our hosted websites running on WordPress. While our passwords were not compromised, one of our servers did receive some down time as we worked frantically to protect our client sites. To counter these attacks, we have implemented the following security measures:
- Installed Captcha on all forms, login areas and any other field that inserts any type of data into a database.
- We have gone through hundreds of client sites and changed any user name that was using the default ‘admin’ to something custom.
- We have also changed all the administrator passwords to make them even more secure than before using letters, numbers, special characters and anything else we can use to keep enemies guessing.
- Nightly backups of everything. This includes the WordPress database that houses all of the website content like pages and posts, as well as backing up every file in your web directory such as images, PDFs, etc.
Unfortunately, this will not be the end of these kind of attacks and that just comes with the territory of being out publicly on the Internet/World Wide Web. By implementing the above changes, we have taken a leap forward in monitoring for these assaults in the future and preventing them immediately.
As a JP client fear not, your website is safe and sound, you can sit back and relax. However, if you do see anything suspicious please do not hesitate to contact us.