One of our clients just received an email from Network Solutions, titled “Network Solutions Security Bulletin – WordPress Security Update“.
The email goes on to say that there have been continuous attacks on WordPress sites and to maintain the latest release version and use complex passwords. No news to us. We’ve advised and helped all our clients on WordPress to update to the latest version.
But the email also mentions how denial of service attacks (DDOS) are utilizing the pingback feature in WordPress and suggesting to disable it. Very good advice.
What should you do?
The recommended action is to simply install install this plugin if you use version 3.5 or later.
More information can be found about this sort of attack on Brian Kreb’s web site.
Or by visiting Sucuri Security’s blog posting on the subject: More Than 162,000 WordPress Sites Used for Distributed Denial of Service Attack.