(PRWEB) April 18, 2013
Wphostingdirectory.com, a site dedicated to monitoring the performance of various WordPress hosting providers, announced yesterday its analysis of how different hosts handled the recent massive WordPress brute-force attack. Last week, many users and web hosts reported they were under a brute-force attack targeting weak admin passwords through the wp-login.php. Different hosts chose different action plans to handle the hack threat and the associated server overload. What they did, how quickly they did it and how effective that was were issues researched by the WPHostingDirectory.com and summarized in a detailed article on the topic.
Based on the wphostingdirectory.com article, the main approach used by hosts to prevent their sites from being hacked was change of passwords and adding .htaccess login restrictions. Most hosts, like Godaddy, asked their customers to change the weak passwords, while some like SiteGround proactively changed those on behalf of their customers to limit the damages from possible delays.
The server overload problem seemed to be a harder issue to solve by the hosts. The scope and aggressiveness of the attack proved hard to handle even for experienced hosts like Hostgator. The two directions taken by hosts were either to rely on third-party partners’ solutions such as Sucuri and Cloudflare, or write their own in-house fixes. The most effective custom solutions were focused on diverting the traffic away from the real host server, a tactic successfully applied by SiteGround and Fatcow.
In conclusion, the directory praises custom solutions and hosts that think out of the box like SiteGround that is distinguished as the host that managed to both prevent hacking and decrease the server load and did that faster than the other hosts mentioned in the analysis.