In an ongoing effort to make you aware of security and performance concerns, we wanted to inform you of an ongoing event.
There is currently a brute-force login attack targeted at websites with WordPress. Due to the nature of the attack, memory consumption on targeted servers has increased. In some cases this has resulted in degradation of performance, and unresponsive servers. This is due to a high volume of HTTP requests which can cause some servers to start swapping memory to disk, and possibly run out of memory. The most impacted servers tend to be those with limited memory resources, especially those with 1GB of RAM or less.
Our monitoring team has been proactively restoring service to managed servers which have been affected.
We have taken proactive steps to reduce the impact of this event. Ashworth Consulting has tested a new ModSecurity rule, and deployed it to customer servers. This new rule will block HTTP requests to the WordPress login page after 10 failed login attempts. The attacking IP address will then be blocked for 5 minutes.
We’re always looking out for our customers, and appreciate your business. If you have any special needs or concerns, please do not hesitate to reach out to our support team!
Leave a Reply