The big WordPress attack and how Namecheap helped
There’s been a large attack on worldwide WordPress installations over the past week. This has made news at the highest levels and was covered early on by ArsTechnica and even today made the BBC.
We were initially rather silent on the attack itself. Others were quick to jump on the PR bandwagon but we were busying ourselves on the fix itself. It is important, though, that I write this blog post to highlight just what the Namecheap technical team achieved.
We were the first to release a working fix that:
- 1. Identified the difference between the attacker’s requests and regular ones
- 2. Created effective firewall (IP tables) rules that locked the attacker out
- 3. Accomplished the above without overloading/crashing the server
We then shared our fix publicly with the hosting industry on WebHostingTalk here, as part of the much larger WordPress discussion thread.
A big thumbs up to the Namecheap technical team behind the WordPress fix!
Introducing EasyWP, the fast and reliable Managed WordPress Hosting solution from Namecheap.