Latest Botnet Attacking WordPress wp-login.php
A botnet is currently attacking WordPress login (wp-login.php) with user name admin in a dDOS (Distributed Denial of Service) Brute Force attack intended to force the server and WordPress to allow the cyber-criminals access to the site
We’ve seen this botnet hammering some of our WordPress sites the last several days. So far we’ve seen attacks from the IPs listed below. (Note: These are only those used to attack our monitored sites – and the botnet will have more…
Be Pro-active and Defend Your WordPress Site
Really Slow Joomla Site for Server and Site Demo
I received some links to a couple of really slow Joomla websites today. The links came in an e-mail with promotional offers from a South African web developer (competitor?). I don’t like to knock other developers so I won’t mention the sites or his name. However, the slow page loads for the two sites mentioned as recent samples, and the hosting setup mentioned motivates me to write about my findings…
The developer states “all sites hosted on my own server which only has my customers on it… All customers have the same server benefits of unlimited email accounts, unlimited website traffic, unlimited website storage…” I was intrigued by the ‘own server’, and decided to have a look at the sites.
GoDaddy Hosted Website – Unable to connect
Can’t establish a connection to the server at www.***online.com.
- The site could be temporarily unavailable or too busy. Try again in a few moments.
- If you are unable to load any pages, check your computer’s network connection.
- If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the Web.
Slow TTFB, Timeouts, No Connection, Database Errors on GoDaddy Hosting
Time to first byte served (TTFB) often 15 seconds and longer, another 15 t0 60 seconds before the full page is loaded, Google bot page load over 4 seconds, “unable to connect to WordPress database”, unable to connect to website. Some of the ‘normal’ performance issues experienced by a client’s site hosted with GoDaddy.
GoDaddy Restores Website Database Without Asking?
I wonder how many others have noticed something odd happening with their WordPress sites hosted on GoDaddy. By odd, I mean you make changes e.g. delete fix or captured 404 errors, activate a new plugin or update a plugin and so on, then the next day you go back to the site, and all the changes are gone – the same things fixed yesterday still exist?
There are only two things I can think of to cause this to happen;
- Sites using distributed servers are not updating (unlikely with basic shared hosting)
- the hosting company (GoDaddy) is restoring the site and/or database from a backup (most likely)
FTP (File Transfer Protocol) is Not Optional
Before signing a hosting contract, make sure the service you are planning to use allows FULL FTP access to your website! By FULL FTP I mean you must have the choice to use any FTP client (or at the very least those FTP clients considered reliable, and in common use by the industry).
A FTP client is simply the term for a ftp program. (In the same way MS Office Outlook is considered an e-mail client). FTP clients are used to copy files from one location to another over the internet. Filezilla is a commonly used open source FTP client for Windows.
Some web design applications have built-in FTP clients e.g. Dreamweaver. Content Management Systems e.g. WordPress permit file uploads, but are not FTP clients – An FTP client must be standalone, and not dependent on the website. If a CMS website crashes, FTP may be the only way to recover the site; if the CMS is the client, and the site is down, you cannot replace the files easily. Read the rest of this entry