Recent issues with onMason

I’m sure some of you have noticed that onMason has experienced some times recently when the site was either inaccessible or sluggish. The reason this has been happening is that onMason has been under constant attack since April.

An unknown party has attempted to gain access to the onMason administrator password using “brute force” methods. What this means is that the unknown party tries to log into onMason several times a second using random passwords, hoping to guess the correct password. This attack does not currently pose a threat to the security of onMason as they have been attempting to access non-existent accounts.

Unfortunately, the sheer volume of login attempts has caused performance issues with the site.

We do not believe this attack is specific to onMason or any of the sites we host since similar attacks have been reported by other WordPress sites.

See:
http://www.us-cert.gov/ncas/current-activity/2013/04/15/WordPress-Sites-Targeted-Mass-Brute-force-Botnet-Attack

In order to maintain the performance, stability and safety of onMason, we have implemented the following change:

After 5 incorrect login attempts, your account will be locked for 15 minutes. Please do try to login again before the 15 minutes are up as further attempts to login can result in an indefinite lock out.

If you are accidently locked out of your site or as experiencing any other issues due to the attacks, please contact the onMason Webmaster at webmaster@onmason.com.

We thank you for you understanding as we deal with this issue.

onMason Webmaster
Office of Student Media




Leave a Reply

You must be logged in to post a comment.