Skip to main content

WordPress blogs hit by biggest ever DDoS attack

Blogging platform WordPress has come under the biggest ever Distributed Denial of Service attack in its history, which its founder claims could be "politically motivated".

WordPress founder Matt Mullenweg made the claim on Thursday night as the attack was in full swing. At the height of the bombardment, WordPress's servers were hit by millions of packets every second in an onslaught measuring several Gigabits per second.

As yet it's unclear who was behind the attack, but its intended target is reported to be a foreign-language blog.

"This is the largest and most sustained attack we've seen in our six-year history," wrote Mullenweg. "We suspect it may have been politically motivated against one of our non-English blogs but we're still investigating and have no definitive evidence yet."

WordPress provides the platform for 10 per cent of all websites in the world, serving 30 million publishers ranging from dissident blogs by human rights activists to well-known names such as CBS, Mashable, ReadWriteWeb and TechCrunch.

"You have no idea how hard it was to get this post up," wrote TechCrunch last night as the attack was underway. The site reported that it has been "almost impossible" to access its back-end. was reported to have issued an error message reading: "Writes to the service have been disabled, we will be bringing everything back online ASAP".

Last night, WordPress told readers of its VIP blog:

"We are working to mitigate the attack, but because of the extreme size, it is proving rather difficult. At this time, everything should be back to normal as the attack has subsided, but we are actively working with our upstream providers on measures to prevent such attacks from affecting connectivity going forward."

At 20:00 GMT yesterday the site, tweeted: "Our systems are back to normal. We'll continue to monitor them and post updates here if needed."