April 15, 2013

Securing WordPress Against Admin Account Attacks

Recently, there have been widespread attacks targeting WordPress installations. More specifically, these attacks are aimed at the 'admin' user account. Because 'admin' is the default username when setting up a new WordPress installation, it makes sense from an attacker's standpoint to attempt to crack the password for this user.

The current active attack takes a password file (similar to the one Brian Krebs has obtained and listed on his site) and runs the attack against WordPress admin URLs (/wp-admin). If the crack is successful, the bot reports back to the botnet owner who is conducting the attack. From there, malware and backdoors can be installed to use the WordPress install, and potentially the server, for malicious purposes.

So how do you secure your installation of WordPress against this attack? Unfortunately, it is not as easy as blocking a few IP addresses, as approximately 100,000 IP addresses are currently involved in this attack.
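The point above is that per-IP blocking alone does not stop a distributed attack. The following added example (not code from this post or from Edge's knowledge base) runs that check over constructed web-server log lines: it counts failed logins to wp-login.php per source IP, separates the hosts a per-IP rule would block from the residual attempts spread thinly across many hosts, and flags the attack as distributed when that residual is large. It assumes the Apache "combined" log format and relies on WordPress answering a failed login with HTTP 200 (the form is re-rendered) and a successful one with a 302 redirect.

```python
import re
from collections import Counter

# Apache "combined" access-log format; the request line carries method and path.
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

def make_line(ip, method="POST", path="/wp-login.php", status=200):
    """Build one constructed log line in combined format (sample data, not a real capture)."""
    return f'{ip} - - [15/Apr/2013:10:00:00 +0000] "{method} {path} HTTP/1.1" {status} 3456'

# Constructed sample: one noisy host that hammers the login form (15 tries), sixty
# distinct hosts that each try only twice, one successful login (302) and one page view.
SAMPLE_LOG = "\n".join(
    [make_line("198.51.100.7")] * 15
    + [make_line(f"203.0.113.{i}") for i in range(1, 61) for _ in range(2)]
    + [make_line("192.0.2.9", status=302), make_line("192.0.2.9", "GET", "/", 200)]
)

def failed_logins(log_text):
    """Count POSTs to wp-login.php per source IP that were answered with HTTP 200.
    WordPress re-renders the login form on a failed login (200); a successful
    login redirects to wp-admin (302), so 200 is a usable failed-attempt heuristic."""
    counts = Counter()
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        path = m["path"].split("?", 1)[0]
        if m["method"] == "POST" and path.endswith("/wp-login.php") and m["status"] == "200":
            counts[m["ip"]] += 1
    return counts

def assess(counts, per_ip_limit=10, total_limit=50):
    """Separate what per-IP blocking would catch from what it would miss.
    'per_ip_offenders' are hosts at or over the per-IP limit (fail2ban-style rules
    stop these); 'unblocked_failures' are attempts from hosts under that limit. When
    the residual exceeds total_limit the attack is distributed and per-IP blocking
    alone is not enough."""
    per_ip_offenders = {ip: n for ip, n in counts.items() if n >= per_ip_limit}
    unblocked = sum(n for ip, n in counts.items() if ip not in per_ip_offenders)
    return {
        "distinct_ips": len(counts),
        "per_ip_offenders": per_ip_offenders,
        "unblocked_failures": unblocked,
        "distributed": unblocked >= total_limit,
    }

if __name__ == "__main__":
    print(assess(failed_logins(SAMPLE_LOG)))
```

On the sample data the single noisy host is the only per-IP offender, while 120 failures from 60 low-rate hosts remain unblocked, which is the situation the paragraph above describes.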

There are a number of steps that Edge recommends to secure your installation of WordPress. These best practices will not only help ward off this current attack, but also future attacks. Read our knowledge base article on WordPress Security.