WordPress continues to be a main target of DDoS attacks with hackers continually finding new vulnerabilities.
Just a few months ago a large attack occurred that involved thousands of sites. It’s an important story as it solidifies the magnitude of the threat.
Here are the details of the story…
Security researchers have uncovered a recent distributed denial-of-service (DDoS) attack that used at least 162,000 WordPress-powered websites to knock another site offline.via Attackers trick 162,000 WordPress sites into launching DDoS attack
Dan Goodin, from arsTechnica, says that the DDoS attack targeted the XML-RPC in WordPress sites. The XML-RPC allows pingbacks, trackbacks, and remote access via certain software. The hackers found a vulnerability in this and were able to launch this huge attack with minimal resources.
The WordPress site that was under attack was down for many hours forcing the host to shut them down. With further investigation it was discovered that it was a “HTTP-based (layer 7) distributed flood attack, sending hundreds of requests per second to their sever.”
Sucuri who did the investigation commented…
The most interesting part is that all the requests were coming from valid and legitimate WordPress sites. Yes, other WordPress sites were sending that random requests at a very large scale and bringing the site down.via More Than 162,000 WordPress Sites Used for Distributed Denial of Service Attack
Can you see how powerful it can be? One attacker can use thousands of popular and clean WordPress sites to perform their DDOS attack, while being hidden in the shadows, and that all happens with a simple ping back request to the XML-RPC filevia http://blog.sucuri.net/2014/03/more-than-162000-wordpress-sites-used-for-distributed-denial-of-service-attack.html
Are You At Risk
Imagine your site being one of these 162,000 that attacked another site. How would that make you feel knowing that your website helped to take down someone elses?
The people who owned these sites were victims of a hackers plot. But where does the responsibility begin and where does it end?
Here’s what two leading experts say about the issue.
Poor Internet hygiene, not increased cybercrime, is what’s really to blame for the increased botnet traffic the online world is battling, say cybersecurity experts Tom Kellermann and Rod Rasmussen. Because end users are not keeping software and patches on their computers and websites – such as blogs built on WordPress – up to date, cybercriminals have found the devices and sites easy to compromise, the two say during this interview with Information Security Media Group.via Stop Breaches? Improve Internet Hygiene
You can listen to the full interview here.
As this particular attack targeted the pingback feature if this is enabled on your site then, YES, you would be at risk. This feature is turned on by default and needs to be turned off in order to close this loophole. You can do this manually or by using a security plugin.
How to Prevent a DDoS Attack
The best way to prevent such an attack is to ensure that your WordPress site is up-to-date. But that alone is not enough. You need to protect your site. You need to block the attacks as they come. And they will come.
Thousands of WordPress sites are attacked every single day and it is not a matter of if, but rather when. Let’s all do our part in keeping hackers at bay and keeping our WordPress sites safe.
Images courtesty of Pixabay
