Over the last 24 hours we’ve seen an increase of brute-force attacks
against WordPress sites globally. In order to help mitigate these attacks,
we’ve implemented some restrictions on our network to limit the number of
failed login attempts against WordPress sites. However, we highly advise
that you also make some adjustments to your own WordPress site to minimize
your potential risk.
1. We highly recommend that you upgrade to the latest version, WordPress
3.5.1. If you have installed WordPress manually, you can follow these
instructions: http://codex.wordpress.org/Updating_WordPress. If you have
used our Softaculous, you can upgrade by logging into the Control
Panel, select your WordPress installation, and click on the
“Upgrade” button to start the process.
2. Make sure that all your WordPress users have strong passwords. Use at
least 8 characters with lowercase and uppercase letters, numbers and
special characters. It’s especially important to make sure that you don’t
use dictionary words, passwords that are the same as the username, or other
simple passwords. Here are some useful suggestions on creating a strong
3. You can also install a plugin such as “Limit Login Attempts”. This will
allow you to set your own rules for how many failed login attempts are
If you have any questions or concerns, or require any assistance, please
feel free to contact us and we’ll be happy to assist you.