Brief denial of service on web04 server on January 15, 2014 (resolved)
At approximately 9:30 PM Pacific time, all of our servers began to experience a large “distributed denial of service” (DDoS) attack via attempts to login to blogs using the standard WordPress wp-login.php script. This attack was very broad: it attacked thousands of sites across all of our servers, and it came from a huge number of IP addresses.
Processing these requests caused the overall load on all servers to increase. On “web04” the increase was enough to cause the server to start returning “503” errors for Web page requests.
Our servers already have a set of rules to protect against attacks on wp-login.php, but the rules were not quite sufficient to block tonight’s attack. We added a new rule to match tonight’s attack, and it fixed the problem.
We apologize for the time that the “web04” server returned 503 errors. As you can see by reviewing our blog posts we try to be very proactive to protect our customers’ WordPress sites, and hope that the new security rule will prevent future attacks with the same characteristics.