Alert: Hackers attack 90000 wordpress blogs in last one week !

My blog was DDoS attacked... 

Luckly my hosting company shut down it's servers fast.. :-)

What actually happened when it was under attack ? You were not able to login ?

Although I was aware of it the moment it broke out, I never got such an email from wp. Was it only at self hosted ones?

I guess it has been happening for both Self hosted and general WP.com sites. 

One more point: If you feel your site has been compromised, do not forget to run a malware check on your website. Search Engines usually ban sites with malware on them. 

A few I found on net are:

http://siteinspector.comodo.com/

http://wordpress.org/extend/plugins/sucuri-scanner/

http://www.unmaskparasites.com/ 

https://www.symantec.com/verisign/trust-seal?inid=vrsn_symc_ssl_SmallBiz

set a dificult password and delete the login page itself .

there are tons of tools to bulk hack its pretty usual on the scene

wp may not always have a vulnerability but the plugins/themes you use can have

Wordfence is a good solution

Cheers!

Very true. Actually many hacks usually happen due to plugins.

BTW , how to delete the login page ? How do we login if it is not there ?

How do you delete the login page? And then how do you login yourself?

whenever you want to login just upload the login page and login lol

delete login page from FTP, how else?

n if u using blogspot or any other such service, just have a long n strong password thts it

I agree Chaitanya. Worldfence is amazing. I have it on one of my blogs and it helps a lot.

Yesterday only, I typed the wrong password by mistake, that too 5 times. and it locked the login and I could unlock it ony via my own mailbox. This is a good plugin for such attacks.

It is really a freaking news for all the bloggers who have given the big part of their whole day in writing interesting blogs one after the other. I wish all the bloggers will benefit from the article you have mentioned.After all, 'Prevention is always better than a cure(sometimes completely unavailable)'.

A note: For selfhosted Wordpress, merely taking an export might not be enough. A backup from cPanel and the database will be a good idea. Am running mine just now. 

Yup absolutely right......precaution is always a good idea.....

thanks Thakur

Can I have a backup of my blogspot blogs?...how?

Also, please make a backup of your blogs asap. If everything fails, these backups will save the day. The attacks continue and are spreading. 

More on the 2-Step Authentication

http://en.blog.wordpress.com/2013/04/05/two-step-authentication/

Its only for Wordpress.com :( 

Will need to find something for selfhosted ones

If you are running a Wordpress site, I would request you to boost your security. Please do the following:

1. Make your password stronger

2. If you are using the generic 'admin' username, please change it to a more complicated and difficult to guess name. You can do this by the following plugin: Admin username changer

3. You can also use security plugins. I have been using Stop Spammer Registrations Plugin. If you are using Buddypress, then this is even better to use this. 

4. Try to find a way to have two levels of security.