Skip to main content

WordPress Hit By Massive DDoS Attacks

WordPress has spent the last two days battling crippling DDoS attacks that have resulted in disrupted service for the company’s 18 million blogs as well as the higher profile blogs that count themselves as part of WordPress’s VIP network, such as the Financial Post and TechCrunch.

Yesterday’s post was said to be the worst WordPress had ever experienced. Today a fresh attack was launched, resulting in yet more disruptions. However, things seem to have stabilised once again. A post on the support site today read:

"Unfortunately, the DDoS attack from yesterday returned in a different form this morning and affected site-wide performance. The good news is that we were able to mitigate it quickly and performance returned to normal around 11:15 UTC.  We are continuing to monitor the situation closely."

In an email to CNet yesterday, WordPress founder Matt Mullenweg said the attack had affected three of the company's data centers and suggested it could have been politically motivated and directed at one of the blog host’s foreign language blogs.

"There's an ongoing DDoS attack that was large enough to impact all three of our data centers in Chicago, San Antonio, and Dallas--it's currently been neutralized but it's possible it could flare up again later, which we're taking proactive steps to implement," Mullenweg told CNet at the time.

"This is the largest and most sustained attack we've seen in our six-year history. We suspect it may have been politically motivated against one of our non-English blogs but we're still investigating and have no definitive evidence yet."

The news echoes a similar attack launched against LiveJournal in the summer of ‘09. The blogging network was hit in what was believed to be a coordinated attack against LiveJournal, Facebook and Twitter.