WordPress hit by biggest-ever DDoS attack

Popular blogging platform WordPress was hit by a massive Distributed Denial of Service (DDoS) attack yesterday, downing thousands of blogs.

The attack involved tens of millions of packets per second and lasted for about two hours, according to a statement on parent company Automattic’s status page. Some users said the site had been running unusually slowly for as long as three days.

The attack hit all three of the company’s data centers in Chicago, San Antonio and Dallas. The company responded by switching blogs into read-only mode while it fought the problem.

WordPress says it’s the biggest attack it’s ever seen. The size indicates that it was launched by a major botnet. And WordPress parent company Automattic is warning customers that the attack could start up again at any time.

WordPress is the biggest blogging platform in the world. It hosts over 18 million blogs, and is used by over 13 percent of the wold’s million biggest websites. Version 3.0’s been downloaded over 32.5 million times.

The company’s suggested that the attack could be politically motivated, perhaps by an overseas blog hosted by the site, although no further details were given.

It says it’s working with upstream providers to try and minimize the effects of any future attack. It’s hoping they’ll be able to help it identify and filter out any suspicious packets.