MAJOR WordPress attack going on NOW

If you own a WordPress blog, make sure it’s secure. According to’s blog, there is a significant WordPress attack taking place across a number of web hosts.

As I type these words, there is an on-going and highly-distributed, global attack on WordPress installations across virtually every web host in existence.  This attack is well organized and again very, very distributed; we have seen over 90,000 IP addresses involved in this attack.

At this moment, we highly recommend you log into any WordPress installation you have and change the password to something that meets the security requirements specified on the WordPress website.  These requirements are fairly typical of a secure password: upper and lowercase letters, at least eight characters long, and including “special” characters (^%$#&@*).

HostGator goes on to mention how to password protect your wp-login.php scripts. Please see this tutorial. Although it’s written for users on HostGator servers, the steps should work across nearly all cPanel web hosts.

Stay safe out there!


AbdulBasit Makrani

Thanks for this info! I will immediately change the passwords of my wordpress sites.

Leave a comment


email* (not published)