WordPress blog service down: Huge DDoS attack

Was your blog down yesterday? Could be because WordPress.com was under a massive distributed denial of service attack. Some think it was connected to a Libyan attempt to silence opposition.

By Richi Jennings. March 4, 2011.

The WordPress.com blogging service has been hit by an "extremely large" distributed denial of service attack. Many high-profile blogs were crippled or just plain unavailable for large parts of Thursday. In IT Blogwatch, bloggers speculate about political motivation.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention Error'd...

Alexia Tsotsis is pulling her hair out:

WordPress.com, our blog host, is currently under a denial of service attack. It’s been almost impossible to access [it] for the past 10 minutes. ... WordPress.com currently serves 30 million publishers ... and is responsible for 10% of all websites in the world ... about 300 million unique visits monthly.
...
Automattic and WordPress founder Matt Mullenweg tells us that this is the largest attack WordPress.com has ever seen, and is likely to be politically motivated: ... “We suspect it may have been politically motivated against one of our non-English blogs but we’re still investigating and have no definitive evidence yet.”.

And Dan Goodin describes good:

The vast amount of junk data being thrown at the company's servers while the DDoS ... attack was ongoing made it hard to defend against using standard countermeasures.
...
While significantly smaller than Google-owned Blogger and other hosts, WordPress is nonetheless a crucial platform for a large amount of the Web's population. ... [An] estimated ... 8.5 percent of websites.

 
Emil Protalinski also has stats:

WordPress.com, used by over 13 percent of the 1,000,000 biggest websites, was hit today by an "extremely large" distributed denial-of-service (DDoS) attack.
...
The size of the attack ... was multiple Gigabits per second and tens of millions of packets per second ... large enough to impact all three of the company's datacenters in Chicago, San Antonio, and Dallas.

While Graham Cluley has no clue who's responsible:

DDoS attacks typically involve botnets of compromised computers around the world, bombarding a site with traffic - effectively "clogging it up" and preventing legitimate users from accessing its content. ... Like 15 fat men trying to get through a revolving door at the same time.
...
It's unclear what has motivated the DDoS attack, but ... WordPress has just notified me that their systems are back to normal.

But Tanner Godarzi isn't afraid to speculate:

As of now, the attacker has not been identified but is believed to be a politically motivated assault. The recent unrest in the Middle East has led to a greater use of Blogging to inform the world and fellow protesters of the various revolutions taking place. Pro-Government supporters could have targeted non-english Blogs ... in an effort to silence them.

And Finally...
Error'd: Web 0.1 Bus Signage
 
 
Don't miss out on IT Blogwatch:

• Subscribe to the Computerworld Blogs newsletter
• Catch up with posts from the previous few days

Richi Jennings is an independent analyst/consultant, specializing in blogging, email, and security. A cross-functional IT geek since 1985, you can follow him as @richi on Twitter, pretend to be richij's friend on Facebook, or just use good old email: itbw@richij.com.

You can also read Richi's full profile and disclosure of his industry affiliations.