There is currently a large-scale, worldwide brute-force attack in progress on the default WordPress login pages. A brute-force attack is when an automated program (often running across many machines at once, sometimes called a ‘botnet’) tries to break into a password-protected site by repeatedly attempting to log in with different passwords until it finds the right one.
To be clear, this issue is not specific to IX Web Hosting. In fact, this attack is affecting all WordPress users around the world, and virtually every web hosting company.
This attack was greatly affecting our Linux servers, causing them to be slow and to go down at times.
Initially, in order to keep the brute force attack from breaking into customers’ sites and compromising them, we temporarily blocked all IP access to wp-login.php. We realize this may have been inconvenient, as it prevented anyone (even the site owner) from logging in to update website content, but this allowed for three important things:
It prevented malicious software from accessing, compromising, or deleting our customers’ WordPress files.
It allowed WordPress sites to remain active (viewable).
It removed the strain from our servers so that they didn’t slow down or go offline.
We have now implemented a server-wide module that filters out the malicious connections, and we have removed the IP block from wp-login.php. Users should now be able to log in to their WordPress admin areas to make changes to their sites.
We will continue to work on this issue and will update you on the situation as we get more information.