WordPress sites are under a large brute-force attack, which is now subsiding, the WordPress security company Wordfence has reported.
Wordfence said that it noted a huge increase in the size of the attack on February 10th. The attack was on such a large scale that the company had to throttle the data being generated and displayed on its monitors. Another security company, BruteProtect, told WP Tavern that it had also noted the huge increase in attacks. It said:
Yes, we’ve been watching it going crazy. We’ve been seeing levels about 8 times higher than average. Interestingly, while this is definitely a large attack, it’s not the biggest we’ve seen. We were seeing nearly twice as much activity for a 4-day period in mid-January.
The main attack mechanism is brute-forcing the WordPress admin login, targeting common admin login names on WordPress sites that have not changed their administration login from admin to a more obscure name.
It is recommended to use a plugin that limits login attempts on your WordPress sites and blacklists any IP address that is trying to brute-force them. It is also essential to use a strong password for the WordPress admin login, combining numbers with capital and small letters. It is also advised to change your WordPress admin username from admin to some other username.
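The login-attempt limit recommended above, shown as an added example (not code from Wordfence, BruteProtect or any plugin) that counts failed logins per IP address in a web server access log. It assumes the combined log format and that a failed login is a POST to wp-login.php answered with 200 while a successful one gets a 302; the function names, thresholds and sample lines are constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3}) ')

def find_offenders(lines, max_failures=5, window=timedelta(minutes=5)):
    """Map each IP to the time it first exceeded max_failures failed logins within window."""
    recent = defaultdict(deque)   # ip -> timestamps of failures still inside the window
    offenders = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        ip, ts, method, path, status = m.groups()
        # Assumption: a failed login is a POST to wp-login.php answered with 200
        # (form shown again); a successful one is answered with a 302 redirect.
        is_login = path.split("?")[0].endswith("/wp-login.php")
        if method != "POST" or not is_login or status != "200":
            continue
        when = datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z")
        q = recent[ip]
        q.append(when)
        while when - q[0] > window:   # drop failures older than the window
            q.popleft()
        if len(q) > max_failures:
            offenders.setdefault(ip, when)
    return offenders

def log_line(ip, when, status):
    """Build one constructed combined-log-format line for the sample below."""
    return f'{ip} - - [{when:%d/%b/%Y:%H:%M:%S %z}] "POST /wp-login.php HTTP/1.1" {status} 1234'

# Constructed sample data (documentation IP ranges, arbitrary date), not real traffic.
T0 = datetime(2024, 2, 10, 12, 0, 0, tzinfo=timezone.utc)
SAMPLE_LOG = (
    [log_line("203.0.113.7", T0 + timedelta(seconds=10 * i), 200) for i in range(8)]    # rapid guessing
    + [log_line("192.0.2.44", T0 + timedelta(minutes=10 * i), 200) for i in range(6)]   # slow, spread out
    + [log_line("198.51.100.20", T0, 200),                       # one mistyped password,
       log_line("198.51.100.20", T0 + timedelta(seconds=30), 302)]  # then a successful login
)

if __name__ == "__main__":
    for ip, when in find_offenders(SAMPLE_LOG).items():
        print(f"block {ip}: more than 5 failed logins in 5 minutes as of {when.isoformat()}")
```

Only the rapid client is flagged; the address that spreads its failures out stays under the per-IP window, which is why the strong password and non-default username recommended above remain necessary alongside the limit.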