WordPress Under Attack

If you were trying to get here, or to just about any other blog on the WordPress site, you probably noticed that things were loading just a little slower than usual. That is because the domain has been under a distributed denial of service attack since early Thursday. Using the same method as the hackers who brought down the main websites of Visa, Mastercard and PayPal last year to support the whistle-blowing website WikiLeaks, Thursday’s attacks have caused most of WordPress-powered blogs to become nearly inaccessible.

The attack is extremely large, multiple Gigabits per second and tens of millions of packets of data per second. WordPress folks are working to mitigate the attack, but because of the size, it is proving rather difficult. A typical DDoS attack works by bombarding a certain domain or web address with an overwhelming number of requests for access. Websites are only designed to handle a certain number of requests and can shut down if that number is greatly exceeded.

The motivation for the attack on WordPress is currently unknown.  The attacks appear to have somewhat subsided, though HTTPS access remains hindered.

UPDATE:  Cnet has some pretty good analysis of this event.