Over the last year or so we’ve been monitoring WordPress hack attempts. Everyone knows using an account named, “Admin” (which was the default WordPress login years back) is ripe for brute-force login attacks. What’s interesting is that the same sites often get attacked repeatedly with the same login username – but from the same IP – just at later dates.
Recently there’s been a major uptick in these WordPress brute force botnet attacks – while the attackers generally never get through, since we all have strong passwords, it does take away server resources. (more…)