DDoS attacks and other sundry evils
If you don’t know what a DDoS attack is, count your lucky stars. For the long version, go here. For the short of it all, here goes, as it pertains to 3Cstudio hosted clients:
Over the summer there have been a number of instances where things were slowing down for all sites on the hosting cloud. My hosting partner discovered (thankfully he is much more tech savvy than I!) that WordPress logins were being “hit” by a deluge of login attempts. “By whom & from where” you ask? That’s where it gets tricky. Suffice it to say, “by mostly outside-the-US entities & often via a bot-net,” which is a term used for various computers usually taken over by a virus and (unbeknownst by its owner) joining this array of other computers also infected to target various logins around the globe.
Sounds straight out of a movie, ay? Well, this was far less entertaining, and much more stressful, to us than a movie. So we would probably not refer to it as movie-like ourselves, and would get back to the matters at hand so that it doesn’t overwhelm our entire hosting cloud with all these hundreds/thousands of login attempts — such server activity (on top of potentially finding a way into a site) tends to make the hardware/software work really hard to handle the demand.
“So, what was the fix?”
Currently, my hosting partner has been instituting a fix for such nefarious activity on any site that begins to show signs of wear and tear due to such efforts. Another option that I just begin to employ is a plugin discussed at the recent WordCamp Grand Rapids (shout out in effect!) called BruteProtect (which alludes to another name for similar hacker activity, called ‘brute force attacks’). This plugin gathers together results from all sites using the plugin to form an ever-growing list of IP addresses that should be considered malicious.
Bottom line: it doesn’t pay for us to be daily vigilant now, but it just might pay big dividends once an issue arises in the future!
Addendum: 09/17/13 — BruteProtect appears to be a good preventative measure, but currently still employing an HTTP Authentication add-on to curb ongoing attacks. BruteProtect shows a tally of each site’s blocked attempts in their Dashboard, so that is an interesting stat to check whenever I’m editing a site or adding something new to it.