Massive global attack going on against WordPress-powered sites…
There has been a massive global attack going on against WordPress, specifically against /wp-login.php (which is called by /wp-admin). Here is a very lengthy thread about the situation:
The attackers became very aggressive overnight, to the point of shutting down tens of thousands of servers running WordPress. They were able to greatly affect the performance of a number of the servers.
The quick band-aid, as recommended in the above thread, was to block access to /wp-login.php and whitelist IPs for those that need it. It’s not a long-term fix, but it has allowed the servers to remain stable. My hosting folks are working on a procedure to allow automatic whitelisting of IP addresses.
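One way to express the block-and-whitelist band-aid described above, as an added example that is not from the original post or the thread it mentions: it validates an allowlist, renders a `<Files>` block for wp-login.php, and checks which client addresses would get through. It assumes Apache 2.4 `Require ip` syntax; the addresses are constructed documentation ranges and the "too broad" prefix limits are illustrative choices.

```python
import ipaddress

# Constructed sample allowlist (documentation address ranges), not from the post.
SAMPLE_ALLOWLIST = ["203.0.113.7", "198.51.100.0/24", "2001:db8::/48"]


def parse_allowlist(entries, min_prefix_v4=16, min_prefix_v6=32):
    """Validate entries and return them as ip_network objects.

    Malformed values raise ValueError, and so do networks broad enough
    to effectively reopen the login page (the limits are assumptions).
    """
    networks = []
    for raw in entries:
        net = ipaddress.ip_network(raw.strip(), strict=False)
        floor = min_prefix_v4 if net.version == 4 else min_prefix_v6
        if net.prefixlen < floor:
            raise ValueError(f"{raw!r} is too broad for a login allowlist")
        networks.append(net)
    return networks


def render_apache_block(networks):
    """Render an Apache 2.4 block denying wp-login.php except to the allowlist."""
    lines = ['<Files "wp-login.php">']
    if networks:
        for net in networks:
            # Write single hosts without the /32 or /128 suffix.
            single = net.prefixlen == net.max_prefixlen
            lines.append(f"    Require ip {net.network_address if single else net}")
    else:
        # An empty allowlist must fail closed, not open.
        lines.append("    Require all denied")
    lines.append("</Files>")
    return "\n".join(lines)


def is_allowed(client_ip, networks):
    """Return True if the client address falls inside any allowlisted network."""
    addr = ipaddress.ip_address(client_ip)
    return any(addr in net for net in networks)


if __name__ == "__main__":
    nets = parse_allowlist(SAMPLE_ALLOWLIST)
    print(render_apache_block(nets))
    for ip in ("203.0.113.7", "192.0.2.44"):  # constructed client addresses
        print(ip, "allowed" if is_allowed(ip, nets) else "blocked")
```
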
This attack started up on April 8th or so, and has compounded itself 10-fold over the past few days. The thought is that the attackers are hacking into old WordPress installations and getting their code installed, which gives them more “bots” to continue the attack, like a virus that lives server side.
For now there is no real solution to this worldwide attack on WordPress-powered sites.