WordPress facing "extremely large" cyber attack
Blog host WordPress.com is currently the target of a distributed denial of service (DDoS) attack the company is describing as the largest in its history.
As a result, a number of blogs--including those that are a part of WordPress' VIP service have suffered connectivity issues.
According to a post by Automattic employee Sara Rosso on the company's VIP Lobby (which is currently down but has been archived on Twitpic by Graham Cluley over at Naked Security), the size of the attack is "multiple Gigabits per second and tens of millions of packets per second." Rosso says that the company is in the process of putting a stop to the attack but that "it is proving rather difficult."
Rosso also said that the company will be handling its VIP sites ahead of general users.
: In an e-mail to CNET, WordPress founder Matt Mullenweg said the attack had affected three of the company's data centers, and was the largest its seen in the company's 6 year history. Mullenweg also said that the attack "may have been politically motivated against one of our non-English blogs," but that that detail had not been confirmed. Full e-mail below:
There's an ongoing DDoS attack that was large enough to impact all three of our datacenters in Chicago, San Antonio, and Dallas -- it's currently been neutralized but it's possible it could flare up again later, which we're taking proactive steps to implement.
This is the largest and most sustained attack we've seen in our 6 year history. We suspect it may have been politically motivated against one of our non-English blogs but we're still investigating and have no definitive evidence yet.
The company has also posted a notice on its product uptime status blog:
