Since the recent botnet attack on WordPress we’ve been asked a lot of times how to change the WordPress admin user to something else (so a hacker would have to guess the username as well as your password rather than being halfway there already!).
Details of how to do this are in our knowledgebase: Changing the Admin User in WordPress.
Along with many other web hosts around the world we are currently seeing a DDoS attack targeting WordPress installations on shared hosting.
Some hosts have starting removing access to either the WordPress Admin or the “wp-login.php” script, but this then means you can’t update your site if you want to.
At this time we are adding extra security to try to prevent this, but may take further measures later today if this continues. Further updates for our clients will be available in our Network Status area of our Portal.
It’s been a pet annoyance at BetterWebSpace in recent years to see secure websites (those protected by an SSL certificate) have insecure elements on them. Stylesheets, images and external references are the most common culprits simply because they haven’t been referenced securely.
Firefox 23 will block these elements by default (and it may only be a matter of time before other browsers follow suit!), so it’s time to start cleaning up those references…