Brute-Force Attacks Continue to Target Customers
Not what you're looking for?
We want your feedback!
Over the past several days we have seen a sharp increase of brute-force attacks on our system. These attacks attempt to gain access to customer accounts that have weak passwords.
While these attacks are nothing new – our Security team identifies and defeats dozens of them every day – this current wave is sophisticated and large in scope. Many hosting providers are reporting similar issues this week.
We believe we have mitigated much of the attack, but there is a chance you could be affected as it continues. Because of the security measures we must put in place to address this, some customers have experienced difficulty accessing the admin pages for WordPress® or Joomla!®, while others have had intermittently unresponsive sites because of the attacks.
While we continue to take preventive and active measures to mitigate this attack, there’s also something you can do.
What We’re Doing
Our Security team continues to identify these attacks, down to the IP address, and block anything that looks malicious. Additionally, we’ve installed new features on every single one of our thousands of servers to block these bad actors more quickly.
What You Can Do
Regardless of whether you use WordPress or Joomla! for your website, this worldwide attack could affect you. That’s why it’s imperative that you use strong passwords.
We all know that “password123” is not a wise idea for a password, but neither are dictionary words, your dog’s name, or the name of the street you live on. Attackers have libraries of the most common passwords, and use those lists in attacks like we’re experiencing.
The tougher and more sophisticated your password, the more difficult it will be for an attacker to gain access. See x.co/strongpass for more information on creating a strong password.
And remember, if you use the same password for your hosting that you do for your bank account, an attacker could compromise much more than your website. Make sure your passwords are unique for all your accounts.
Thanks for your patience while we fight these attackers.