Hackers gain root access to WordPress servers

By Matthew
Apr 14, 2011
Post New Reply
  1. Automattic, the folks behind WordPress, suffered another blow to its security this week after a hacker gained access to servers containing sensitive company and user data. In a blog post yesterday, President Matt Mullenweg described the breach as a "low-level (root) break-in)" that would have given the attacker access to "potentially anything" on several of Automattic's servers.

    Read the whole story
  2. Vicenarian

    Vicenarian TS Enthusiast Posts: 100   +9

    Why can't the people that control the internet, implement something like this:

    An uber-smart "switch" that detects DDoS attacks against websites via traffic/protocol analysis, and automatically cuts off the attackers simply by closing their connections.

    How hard would that be? Honestly...

    R3DP3NGUIN TS Enthusiast Posts: 144   +7

    there is already sufficient hardware and software solutions, I dont think many companies will upgrade to the latest and greatest of technology though, due to the cost factors and stability and reliability .etc.
  4. PinothyJ

    PinothyJ TS Guru Posts: 437   +17

    Why DDoS Wordpress, what did they do to you?

  5. Leeky

    Leeky TS Evangelist Posts: 3,797   +116

    Like any market leader in their chosen area, they'll be targeted.

    Either that or Sony must have been running a Wordpress blog somewhere.... :haha:
  6. Coodu

    Coodu TS Enthusiast Posts: 155

    Really sad to see this - somebody's blog must have started a riot in China, perhaps one about time travel? ;)
  7. Per Hansson

    Per Hansson TS Server Guru Posts: 1,921   +178

    vicenarian; DDoS is not easy to control at the hardware layer.
    What a DDoS is is just millions of hosts asking for a specific webpage at the same time.

    To an untrained system admin it will just look like the "Slashdot Effect"
    That is when a smaller site gets linked from a much larger site and succumbs due to the sudden increase in traffic from said site (Been there, got the T-Shirt and all :D)

    And infact a well done DDoS attack will be impossible to filter, if the users (probably part of a botnet, or not in the case of the software LOIC willing participants) do a good job their traffic will indeed be just like the normal HTTP traffic your servers serves daily...

Similar Topics

Create an account or login to comment

You need to be a member in order to leave a comment
TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...

Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.