‘Largest’ DDoS attack hits WordPress

4 Mar 2011

Blogging platform WordPress.com has been targeted by a denial-of-service (DDoS) attack that the company described as “the largest and most sustained attack” in its history.

WordPress founder Matt Mullenweg said the attack yesterday had affected three of the company’s US data centres.

“This is the largest and most sustained attack we’ve seen in our six-year history. We suspect it may have been politically motivated against one of our non-English blogs but we’re still investigating and have no definitive evidence yet,” Mullenweg told CNET News.

Mullenweg added that the attack had been neutralised but it’s possible it could flare up again later and that WordPress was implementing proactive steps against the attack.

Several blogs, including those that are a part of WordPress’ VIP service, such as the Financial Post, the National Post and TechCrunch, experienced connectivity issues, along with WordPress’ nearly 18m hosted blogs.

Denial-of-service attacks are designed to overwhelm websites with requests, effectively shutting them down. Distributed attacks are a greater challenge to combat, since they can come from a wider variety of hosts and networks.