WordPress Distressed by Massive DDoS Attack

No one has taken "credit" for the attack, which temporarily knocked out the popular home of almost 18-million blogs.
Written by Steven Vaughan-Nichols, Senior Contributing Editor

Color me confused. I don't know why anyone would attack WordPress, the popular home of almost 18-million blogs, but they did, and for several hours on March 3rd, WordPress was out of commission.

According to Sara Rosso, VIP Services Engineer at Automattic, WordPress.com's owner, "WordPress.com is currently being targeted by an extremely large Distributed Denial of Service [DDoS] attack which is affecting connectivity in some cases. The size of the attack is multiple Gigabits per second and tens of millions of packets per second."

She added, "We are working to mitigate the attack, but because of the extreme size, it is proving rather difficult. At this time, everything should be back to normal as the attack has subsided, but we are actively working with our upstream providers on measures to prevent such attacks from affecting connectivity going forward."

The attack began at approximately 6 AM Eastern time. WordPress started recovering by noon, and by about 3:30 PM the system was back to normal.

During the attack, Automattic and WordPress.com founder Matt Mullenweg added:

"There's an ongoing DDoS attack that was large enough to impact all three of our datacenters in Chicago, San Antonio, and Dallas - it's currently been neutralized but it's possible it could flare up again later, which we're taking proactive steps to implement.

"This is the largest and most sustained attack we've seen in our 6 year history. We suspect it may have been politically motivated against one of our non-English blogs but we're still investigating and have no definitive evidence yet."

You can try to stop DDoS attacks, but as WordPress has just discovered, and companies like MasterCard, PayPal, and Visa found out recently, it's not easy.

Unlike other recent DDoS attacks, though, such as those on sites for and against WikiLeaks, there seems to be no reason for this attack. Internet groups such as #Gnosis, 4Chan, and Anonymous, which have been known to conduct DDoS attacks, have not been connected with this latest assault. Of course, these days it's easy for even people who wouldn't know a TCP/IP stack from a stack of firewood to make DDoS attacks thanks to programs such as Low Earth Ion Cannon.

Still, regardless of who was behind it, WordPress is working normally now. It's not known yet whether the attack has stopped for now or WordPress has managed to block this DDoS bullet.
