Surprised to see DP forums not discussing on this issue. You can read the following links for more info. http://blog.sucuri.net/2013/04/protecting-against-wordpress-brute-force-attacks.html http://www.inmotionhosting.com/support/news/general/wp-login-brute-force-att ack http://blog.hostgator.com/2013/04/11/global-wordpress-brute-force-flood/ http://bad-behavior.ioerror.us/2013/04/10/wordpress-brute-force-login-attacks-stepped-up/ s-stepped-up/ In short a botnet operating on over 90,000+ IP addresses has been launching a brute attack. So a few hosting providers have decided to cut off access to the Login page. Any way it is wise to change your pw to a more secure one right away!!!
It is interesting that only (my) websites written in English are affected, others are fine. Although it sucks that I can't log in to my WP, I don't plan to move all files to another location because I am too lazy and I believe that such kind of attack is very rare (and thus won't happen often which would probably make me do something about it). It would be nice if the people who control the botnet released some stats after end ing this IMO futile attempt to hack sites.
I seen this with my host trying to log in, they have put the login area on another secure part with a particular username and password before i can see my login page a bit of a pain but atleast the host is looking our for me.
Bulletproof security will keep you safe. I have had to ping a few hosts for clients and let them know I have stuff locked down on my own. http://wordpress.org/extend/plugins/bulletproof-security/ just a thought, Nigel
Another great plugin is Better WP Security. So far I haven't been affected and I have around 40 WP sites. http://wordpress.org/extend/plugins/better-wp-security/
I am sure that there are lots of "security" plugins but I doubt that any of them would help in this situation.
If your wp-admin folder and any hackable file is not the in it's native location the problem is solved. Nigel
That's true. But do you really need a plugin to do that for you? All these security plugins seem like a way to waste server resources to me.
my website was affected too username seems to be different in admin panel I resetted it and than changed the password again