We Set the Standard, since 1996 Phone: 303.539.1839 Contact SalesFaceBook


Back to all Press Releases

WordPress wp-login.php brute force attack discovered.

Recently we have discovered that a widespread brute force attack has been taking place against WordPress sites.

The brute force attack is being executed through a large botnet which is composed of thousands of unique IP addresses all across the world. The attackers are attempting to guess the WordPress administrator panel username and password with their botnet again and again to try and gain access to the site.
The attack is not just isolated to HostWorks, this attack is happening on a global scale across multiple hosting providers.
We HIGHLY recommend updating your WordPress administrator user name and password to something very secure.
User name recommendations:
- Essentially anything besides the name “Admin”, Administrator, “Root” or anything else common.
- This is not as necessary to use complex characters just not the common names.
Minimum password recommendations:
- At least 12 characters total
- Mixture of upper and lower-case letters
- Numbers and special characters, such as punctuation or other non-alphanumeric characters
Example of a weak password: password123
An improved strong password: Aath3iafoh@m

Our Partners Associations Services
Partners: Adobe, Dell, Network Solutions, MX Logic
Rescue Service
Safe Domain RSS Feed
1515 Wynkoop Street, Suite 360 | Denver, CO 80202 | office: 303.539.1839 | fax: 720.573.4140
© 1996-2018 HostWorks, Inc. All rights reserved. | Terms of Service