7 {{ upvoteCount | shortNum }}
7 {{ upvoteCount | shortNum }}

Huge Attack On Wordpress Blogs Hosted With Midphase!!!

by andyjbenson
6 replies
Hey guys,

just a quick "Heads Up" on this one.

If you have your hosting with Midphase you may or may not be aware of a huge attack on WP hosted blogs.

So much so, that Midphase have put a block on the /wp-admin page! Not good if you use WP daily as I do!

If this affects you, there is a fix and it's quick. Simply goto the main Midphase.com site, click on "Chat" and give your User ID and password to the support guy.

Give him a list of your WP URL's that are hosted on your Midphase account and he will give you an alternate login page to the normal /wp-admin one.

For obvious reasons I am not going to list what the alternate is here on the forum. Suffice to say it takes 5 mins to fix and you will be back up and running!
#attack #blogs #hosted #huge #midphase #wordpress
  • Profile picture of the author M@tt
    Originally Posted by andyjbenson View Post

    Hey guys,

    just a quick "Heads Up" on this one.

    If you have your hosting with Midphase you may or may not be aware of a huge attack on WP hosted blogs.

    So much so, that Midphase have put a block on the /wp-admin page! Not good if you use WP daily as I do!

    If this affects you, there is a fix and it's quick. Simply goto the main Midphase.com site, click on "Chat" and give your User ID and password to the support guy.

    Give him a list of your WP URL's that are hosted on your Midphase account and he will give you an alternate login page to the normal /wp-admin one.

    For obvious reasons I am not going to list what the alternate is here on the forum. Suffice to say it takes 5 mins to fix and you will be back up and running!
    It the "attack" the same one that hit most hosts before summer? If so, there's a much easier fix than just blocking the entire wp-admin directory. Pretty painful!

    Matt
    Signature

    Matt Russell | CEO
    www.webhostingbuzz.com for 5 star US/UK web hosting
    And finally a reliable, honest hosting affiliate program. Warriors, join today at http://www.webhostingbuzz.com/affiliates.php

    {{ DiscussionBoard.errors[8634096].message }}
    • Profile picture of the author DTGeorge
      Originally Posted by M@tt View Post

      It the "attack" the same one that hit most hosts before summer? If so, there's a much easier fix than just blocking the entire wp-admin directory. Pretty painful!

      Matt
      Well, I'm with Westhost, and this seems to pretty much be their MO when under attack, as at least twice my WP login has been disabled due to attacks
      Signature
      Kickass writer featured in:
      Make a Living Writing
      Be a Freelance Blogger
      Writers in Charge
      Contact me now for quality content at a reasonable rate
      {{ DiscussionBoard.errors[8634306].message }}
      • Profile picture of the author M@tt
        Originally Posted by DTGeorge View Post

        Well, I'm with Westhost, and this seems to pretty much be their MO when under attack, as at least twice my WP login has been disabled due to attacks
        We rate limited it on our servers and it worked fine. The attack was huge but we quickly built up a profile of attacking IPs and firewalled them. We haven't seen any noticeable issue since back in April.

        How to help reduce the impact of the global WordPress attack

        If UK2 (who own midphase/westhost) are overloading their servers then that could be the issue.

        Matt
        Signature

        Matt Russell | CEO
        www.webhostingbuzz.com for 5 star US/UK web hosting
        And finally a reliable, honest hosting affiliate program. Warriors, join today at http://www.webhostingbuzz.com/affiliates.php

        {{ DiscussionBoard.errors[8634415].message }}
  • Profile picture of the author kpmedia
    Firewalling this automatically isn't even hard to do, for the server admin. It takes a non-standard trick, but works flawlessly. However, most "admins" don't even have a clue how to do this. The perils of using budget hosts!

    Matt, we should trade techniques sometime. Remind me later this year.
    Signature
    FAQ: Need a Site5/Arvixe/Hostgator alternative? And who is EIG?
    Reviews:     Need a good VPS, dedicated server, or unlimited host? (This is NOT a fake "top 10" list!)
    {{ DiscussionBoard.errors[8634800].message }}
  • Profile picture of the author ValCDesigns
    I always use at least 2 hosts an any particular time, if it should ever come to losing one account due to whatever reason, you can use the backup files (yes, you should have these ready to go) and reinstore the sites on the other host.
    {{ DiscussionBoard.errors[8642508].message }}
  • Profile picture of the author Brad Davidson
    Thanks for the heads up.

    Did it include sites that were running wp-security with an alternate login url?
    {{ DiscussionBoard.errors[8644092].message }}

Trending Topics