Some of you may have read about a large attack on WordPress hosted sites. We use WordPress to run brooklynscouts.org.nz
Fortunately, we also use CloudFlare‘s (free) service to protect us from harm, reduce our traffic costs and speed up content delivery internationally. Predictably, the CloudFlare team were on to this issue very early and implemented the required protection:
We just pushed a rule out through CloudFlare’s WAF that detects the signature of the attack and stops it. Rather than limiting this to only paying customers, CloudFlare is rolling it out the fix to all our customers automatically, including customers on our free plan. If you are a WordPress user and you are using CloudFlare, you are now protected from this latest brute force attack. – CloudFlare Blog full entry
If our site goes offline, it’s going to be due to an admin stuff by me – not by this sort of attack!