Speak to Lollipop
Get More Clients

Test Tool - Has Your Wordpress Website Been Used To Attack Others?

by Jo Shaer, on March 15, 2014

wordpressA worrying blog post from Krebson Security about yet another attack on Wordpress blogs.

42,000 of them this time.

The latest attack leveraged the pingback feature which allows other sites to notify your site that they have linked to one of your blog posts.

This feature is set to enabled by default.

[question ask="Any WordPress site with Pingback enabled can be used in DDOS attacks against other sites. One attacker can use thousands of popular and clean WordPress sites to perform their DDOS attack, while being hidden in the shadows, and that all happens with a simple ping back request."][/question]

Sucuri Security's Daniel Cid said

If you want to disable pingback on future posts

Go to Settings

Click Discussion


  • Attempt to notify any blogs linked to from the article
  • Allow link notifications from other blogs (pingbacks and trackbacks)

Unfortunately, it does not seem to be possible to disable the pingback feature on posts that have already been published with it enabled. Read the Krebson blog post for information about plugins and code tweaks which could help.

In the meantime Sucuri have developed a testing tool which allows you to check whether your website has been affected.

Read more about Wordpress website tutorials

Topics:Webmistress HostingWordpress Tutorials

Social Media Blog

Lollipop loves Social Media. Our blog shows you how to promote your business and convert your website visitors into leads and paying customers. Take a look!


Subscribe to Updates

You May Also Like

These Related Stories