Brute Force Attack on WordPress Installs

  • Wednesday, 10th April, 2013
  • 16:38pm
Dear Customers,

We'd like to update everyone about a major event in the last week that may have impacted you if you are using WordPress software to power your websites, and to give you clear direction on what is needed to restore access to your WordPress admin page. If you are not using WordPress, this announcement can be disregarded. About a week ago a major network of remotely controlled machines across the world started actively scanning all WordPress installations across the internet for weak administration passwords. This caused outages, slowness and site access issues for some. We took corrective steps to ensure they caused as little damage and slowness as possible. Part of this process was to block access to the WordPress admin pages. We have a workaround available and some steps to help.

If you are unable to log in to your WordPress site or are getting a forbidden error, please email technical support for assistance in applying the workaround.
Please open a ticket with our Technical Support

In summary, we recommend the following:
1. Mail technical support for a workaround on accessing your WordPress admin section if yours is unavailable now.
2. If your password is not complex, please change it to a highly complex one as soon as possible.
3. If you happen to have a static IP address from your ISP, contact support and they will help you lock down your blog to that IP address and further aid you in securing your WordPress installation.
While the issue is lesser on weekends, as the work week starts again botnets may be slamming sites with brute force again. The attack is coming from a huge number of IP addresses, so blocking them is not the solution, as it may come again from an entirely new IP address.
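To see why per-IP blocking does not help against this kind of attack, the following added example (not part of the original announcement) counts POST requests to wp-login.php in constructed Apache access-log lines, per source IP and in total; the thresholds and the documentation-range addresses are assumptions for the demonstration.

```python
"""Spot a distributed wp-login.php brute force in Apache access logs (added example)."""
import re
from collections import Counter

# Apache combined log: client IP, timestamp, request line, status code.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3})')

def login_posts(log_text):
    """Yield the source IP of every POST to /wp-login.php (a login attempt)."""
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if m and m.group(2) == "POST" and m.group(3).split("?")[0] == "/wp-login.php":
            yield m.group(1)

def analyse(log_text, per_ip_limit=5, total_limit=10):
    """Count login attempts overall and per IP, and say whether per-IP blocking helps."""
    per_ip = Counter(login_posts(log_text))
    total = sum(per_ip.values())
    max_per_ip = max(per_ip.values(), default=0)
    if total < total_limit:
        verdict = "quiet"
    elif max_per_ip > per_ip_limit:
        verdict = "single-source brute force: per-IP blocking helps"
    else:
        verdict = "distributed brute force: per-IP blocking insufficient"
    return {"total": total, "distinct_ips": len(per_ip), "max_per_ip": max_per_ip,
            "blocked_by_per_ip_rule": sorted(ip for ip, n in per_ip.items() if n > per_ip_limit),
            "verdict": verdict}

# Constructed sample traffic (documentation-range addresses, not real logs):
# many bots, each trying only once or twice, plus one ordinary page view.
SAMPLE_LOG = """\
203.0.113.5 - - [08/Apr/2013:09:00:01 +0000] "POST /wp-login.php HTTP/1.1" 200 3421 "-" "Mozilla/5.0"
203.0.113.5 - - [08/Apr/2013:09:00:03 +0000] "POST /wp-login.php HTTP/1.1" 200 3421 "-" "Mozilla/5.0"
198.51.100.7 - - [08/Apr/2013:09:00:04 +0000] "POST /wp-login.php HTTP/1.1" 200 3421 "-" "Mozilla/5.0"
198.51.100.8 - - [08/Apr/2013:09:00:05 +0000] "POST /wp-login.php HTTP/1.1" 200 3421 "-" "Mozilla/5.0"
198.51.100.9 - - [08/Apr/2013:09:00:06 +0000] "POST /wp-login.php HTTP/1.1" 200 3421 "-" "Mozilla/5.0"
198.51.100.10 - - [08/Apr/2013:09:00:07 +0000] "POST /wp-login.php HTTP/1.1" 200 3421 "-" "Mozilla/5.0"
198.51.100.11 - - [08/Apr/2013:09:00:08 +0000] "POST /wp-login.php HTTP/1.1" 200 3421 "-" "Mozilla/5.0"
198.51.100.12 - - [08/Apr/2013:09:00:09 +0000] "POST /wp-login.php HTTP/1.1" 200 3421 "-" "Mozilla/5.0"
198.51.100.13 - - [08/Apr/2013:09:00:10 +0000] "POST /wp-login.php HTTP/1.1" 200 3421 "-" "Mozilla/5.0"
198.51.100.14 - - [08/Apr/2013:09:00:11 +0000] "POST /wp-login.php?redirect_to=%2Fwp-admin%2F HTTP/1.1" 200 3421 "-" "Mozilla/5.0"
198.51.100.15 - - [08/Apr/2013:09:00:12 +0000] "POST /wp-login.php HTTP/1.1" 200 3421 "-" "Mozilla/5.0"
192.0.2.20 - - [08/Apr/2013:09:00:13 +0000] "GET /wp-login.php HTTP/1.1" 200 3421 "-" "Mozilla/5.0"
"""

if __name__ == "__main__":
    print(analyse(SAMPLE_LOG))
```

On the sample, eleven login attempts arrive from ten addresses, none exceeding the per-IP limit, so a per-IP rule blocks nothing while the aggregate load is what slows the server; this is the case for restricting wp-login.php to a known IP rather than blacklisting sources.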

Please make sure admin passwords are not word based but totally random, longer than 14 characters, and mix upper and lower case letters, symbols and numbers.

In addition, wp-login.php should be disabled and our workaround used instead.
If these pages are not blocked and the botnets attack, not only will the admin pages stop working, but the entire server slows to a crawl and the MySQL servers also stop serving WordPress and other sites due to the sheer number of connections.

If your WordPress site is compromised, your own domain may become part of the botnet that was being used to attack our servers (and in turn your own domain).

Thank you for your patience and understanding; these changes are required to stop these attacks and bring the servers back to working order.

This was a global attack, not just on our servers but across the internet as a whole.

Regards,
iPlusHost Customer Service