Hostgator reported an on-going global attack on WordPress websites. The attack results in a very slow backend on your WordPress site and/or the inability to login. Sites most vulnerable are those being hosted on a VPS or Dedicated server. While Hostgator reported the attacks and are taking steps to improve security, other hosting services are likely being affected.

Here are some tips on how to protect your site from these attacks.

  1. Change all admin and user passwords immediately! Make sure your new password meets the strongest security requirements. Need help coming up with a new password? Check out this blog post on Creating a Password Strategy.
  2. Make a full backup of your website and save it locally or on another secure cloud server.
  3. Make sure your WordPress is updated to the latest version.
  4. Update all plugin and theme files to the most current versions.
  5. Install a WordPress security plugin. Some of the popular options include: Better WP Security and BulletProof Security.
  6. Add an additional layers of security to your site. Hostgator details steps you can take here: http://support.hostgator.com/articles/specialized-help/technical/wordpress/wordpress-login-brute-force-attack

Have you experienced any problems with your website?