WordPress taken down by extremely large DDoS attack

Share this article:

The blog-hosting site WordPress was hit by a huge distributed denial-of-service (DDoS) attack last night, leaving bloggers and visitors locked out.

WordPress.com's parent Automattic confirmed that the site was ‘being targeted by an extremely large DDoS attack which is affecting connectivity in some cases'.

A statement from Automattic's Sara Rosso said: “The size of the attack is multiple Gigabits per second and tens of millions of packets per second.

“We are working to mitigate the attack, but because of the extreme size, it is proving rather difficult. At this time, everything should be back to normal as the attack has subsided, but we are actively working with our upstream providers on measures to prevent such attacks from affecting connectivity going forward.”

Automattic and WordPress.com founder Matt Mullenweg later told TechCrunch that the DDoS attack was large enough to impact all three of its data centres in Chicago, San Antonio and Dallas.

“It has currently been neutralised but it is possible it could flare up again later, which we're taking proactive steps to implement," he said.

“This is the largest and most sustained attack we've seen in our six-year history. We suspect it may have been politically motivated against one of our non-English blogs but we're still investigating and have no definitive evidence yet."

He later confirmed that the systems had been returned to normal.

Graham Cluley, senior technology consultant at Sophos, said that its Naked Security blog site runs on the VIP version of the WordPress.com platform and its writers had experienced difficulties because of the disruption.

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more