WordPress gets hit by major denial of service attack

For those of you having trouble accessing sites yesterday (and I would argue the attack actually started the day before that), a completely mindless DDoS attack on WP. No reason, other than they can.

WordPress gets hit by major denial of service attack

Blogging site WordPress.com was struck by a large-scale DDoS attack yesterday afternoon (our time).

It began at just before 10am, US time, when WordPress posted the following message: “WordPress.com is currently being targeted by a extremely large Distributed Denial of Service attack which is affecting connectivity in some cases. The size of the attack is multiple Gigabits per second and tens of millions of packets per second.”

“We are working to mitigate the attack, but because of the extreme size, it is proving rather difficult,” the status update added.

It took the company just under two hours to get things back to normal, according to the WordPress status page. Although some sources are reporting the downtime was longer – a PC Advisor article claims it was around six hours.

The motive for the attack isn’t clear, although PC Advisor quoted WordPress Founder Matt Mullenweg as saying: “This is the largest and most sustained attack we’ve seen in our six-year history. We suspect it may have been politically motivated against one of our non-English blogs but we’re still investigating and have no definitive evidence yet.”

Apparently it’s not legal to shoot the little pimply-faced fuckers. Shame.

9 thoughts on “WordPress gets hit by major denial of service attack

  1. veganprimate

    I never had any problem. Although, I don’t log in and out of wordpress. I log in and stay in. I don’t know if that’s why I didn’t have a problem, or if it was just luck.


  2. FAB Libber

    Just luck. I was logged in the whole time. Trouble even getting into my site/dashboard, as well as many other WP blogs.


  3. Jilla

    “pimply-faced fuckers”

    If only. They are probably fully adult IT peeps, who do nothing to justify their high-salaried useless jobs, could have been or will be employed by WP or Blogger or Google and include Assange and his buds.

    This is just another way those who have (euph: men) attack those who do not. It’s poor people, women, who have WP. Men can buy their own domains. Why IBTP was not shut down when other rounds of this went on. Some women can buy their own domain (or buy someone who is transitioning ntF to do that for them. The privilege never ends).

    Yah. At least two full days into three.

    Also two of my very active listservs have not had any posts for three days. Highly unusual. .


  4. FAB Libber

    Yeah, I know they are not all teens, there would be a lot of dudes in their 20s, and some in their 30s/40s/50s. But they still have the same stupid mentality of the pimply-faced teen boy.


  5. luckynkl

    I had trouble accessing WordPress yesterday. I thought it odd for WP to be down. But a DDoS attack would explain it. Kudos to WordPress for closing the doors on the entrances these chumps were coming in, in under 2 hours. Not an easy thing to do.

    The attack seems juvenile to me. Adults have bigger fish to fry. Gov’ts who try to shut down free speech are another story. Without knowing which site(s) were targeted, it’s hard to say who the culprit were(s). But whichever site(s) were targeted, it affected the server and caused the whole server to go down – along with everyone else on it. Which would be the whole point of a DDoS attack. Many sites have limited bandwidth (which has to with the host). A DDoS attack causes that bandwidth to exceed it’s monthly quota and shuts down the site for the rest of the month.

    DDoS scripts are readily available on the net. So simple a 10 yr old could execute them. Perhaps an IT tech wrote the script, but those who download and execute the script need no technological knowledge at all. Mostly what they attack are pictures. The script executes millions of hits on a picture or two, giving the server the impression that millions of people are accessing the site and looking at that picture. It eats up one’s monthly bandwidth quota in no time.

    These days, one can obtain a domain name for free with a host package. I’ve had host packages for as little as USD $3.99 a month. Which is chump change. Fortunately, that’s the package I was using when I got DDoSed. It was a month-by-month contract so I was only out of pocket $4 and could easily change providers the next day. But others have pre-paid yearly contracts on up to 3 years. These folks get hit hard. They’re out of a substantial amount of money and can’t change providers without losing a lot more. We’re talking hundreds of dollars.


  6. FAB Libber

    It is accessing a ‘file’, and specifically they try to target larger pictures, keeps the server busier with the requests. The benefits in requesting a picture, rather than a webpage, I would guess, is that a page can take longer to download (the css etc), whereas the picture is a single item/file. Just a guess though.


  7. Mary Sunshine

    Hi FL,

    Oh, yeah, I remember that now from the days of the ddos attack on Heart’s server. I remember researching that. Thanks for not (yet) being a senior. 😐



Leave a rilly rilly twanzphobic reply, go on, dares ya!

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s