Huge Worldwide WordPress Brute Force Attack

The rare Tuesday post, but this couldn’t wait.  If you are running a WordPress site, you need to know this.  This was just released by WordFence.

“Early this morning our team was woken up by systems alerts letting us know that we needed to scale up our attack logging capacity. The number of WordPress attacks we were monitoring per hour had exceeded anything we have seen before.

We rapidly scaled up our infrastructure and are now monitoring what appears to be the most aggressive distributed brute force attack in history, targeting WordPress websites. We are currently seeing over 14.1 million attacks per hour and rising.

We have published details on our blog including a possible explanation for this new attack campaign and what to do to protect yourself. We continue to monitor the situation.


About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Owner of the WyzCo Group Inc. In addition to consulting on security products and services, Bob also conducts security audits, compliance audits, vulnerability assessments and penetration tests. Bob also teaches Cybersecurity Awareness Training classes. Bob works as an instruction for CompTIA’s non-profit IT-Ready Program in the Twin Cities. IT-Ready is a tuition free 8-week program designed to teach students of all ages the fundamentals of IT support to prepare them for an entry level position in Information Technology Support. Graduates of the classes take the exams to become CompTIA A+ certified. Bob is a frequent speaker at conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. Bob has been blogging on cybersecurity since 2006 at

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.