In light of the current & ongoing brute force attack against WordPress sites worldwide, I just want to take a moment to thank CloudFlare for blocking this attack and protecting our sites.
This attack is widespread and powerful — at least 90,000 bots, or distinct computers, are apparently involved. Security monitoring firm Sucuri reported seeing 3 times the usual number of brute force login attempts.
CloudFlare reported that nearly every WordPress site in its network has seen evidence of some attack. But CloudFlare is blocking them…
From CloudFlare’s blog:
We just pushed a rule out through CloudFlare’s WAF that detects the signature of the attack and stops it. Rather than limiting this to only paying customers, CloudFlare is rolling out the fix to all our customers automatically, including customers on our free plan.
If you are a WordPress user and you are using CloudFlare, you are now protected from this latest brute force attack.
So — thank you CloudFlare!
Protect Your Own WordPress Site
If you have a user called “admin,” change it immediately from “admin” to something else. While you are at it, strengthen your passwords to pass-phrases.
- Log in and go to Users / Add New.
- Enter info for new username — anything but “admin!”
- Be sure to set a long, hard-to-guess pass-phrase.
- Set the Role to Administrator (very important!) and Save.
- Log out, and log back in with the new username.
- Return to Users.
- Delete the “admin” user.
- When prompted, attribute existing posts to your new user. Confirm Deletion.
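The same steps can be scripted from the command line. This is an added example, not part of the original post; it refuses to delete “admin” until the replacement account is confirmed to be an Administrator. It assumes WP-CLI (`wp`) is installed and run from the WordPress root; the `WP_NEW_PASS` variable name and the 20-character minimum are this example's own choices.

```sh
#!/bin/sh
# Added example: replace the "admin" account using WP-CLI.
# Assumes `wp` is on PATH and the script runs from the WordPress root.
# WP_NEW_PASS is a hypothetical variable name chosen for this example.

replace_admin_user() (
    new_login="$1"; new_email="$2"

    [ -n "$new_login" ] && [ -n "$new_email" ] || {
        echo "usage: replace_admin_user <new-login> <new-email>" >&2; exit 2; }

    # "Anything but admin": reject it in any letter case.
    lower="$(printf '%s' "$new_login" | tr '[:upper:]' '[:lower:]')"
    [ "$lower" != "admin" ] || { echo "new username must not be 'admin'" >&2; exit 2; }

    # "Long, hard-to-guess pass-phrase": the 20-character floor is this example's choice.
    [ "${#WP_NEW_PASS}" -ge 20 ] || {
        echo "WP_NEW_PASS must be at least 20 characters" >&2; exit 2; }

    command -v wp >/dev/null 2>&1 || { echo "WP-CLI (wp) not found" >&2; exit 127; }

    # Nothing to do when no "admin" account exists.
    wp user get admin --field=ID >/dev/null 2>&1 || {
        echo "no 'admin' user; nothing to do"; exit 0; }

    # Create the replacement as Administrator; --porcelain prints only the new ID.
    new_id="$(wp user create "$new_login" "$new_email" \
        --role=administrator --user_pass="$WP_NEW_PASS" --porcelain)" || exit 1

    # Stand-in for "log out, log back in": confirm the role before removing anything.
    roles="$(wp user get "$new_login" --field=roles)" || exit 1
    [ "$roles" = "administrator" ] || {
        echo "new user is not an Administrator; keeping 'admin'" >&2; exit 1; }

    # Delete "admin" and attribute its existing posts to the new user.
    wp user delete admin --reassign="$new_id" --yes || exit 1
    echo "admin deleted; posts reassigned to user ID $new_id"
)

# Runs only when called with arguments, for example:
#   WP_NEW_PASS='...' sh replace-admin.sh newname you@example.com
if [ "$#" -ge 2 ]; then replace_admin_user "$1" "$2"; fi
```

The pass-phrase is passed to `wp` as a command-line argument, so run this only on a host where other local users cannot read your process list.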
And, if you are not currently using CloudFlare, consider it!
Positive Element clients: contact Betsy to find out if you are protected by CloudFlare.