Large botnet attacks WordPress installations worldwide
Hosting companies worldwide are reporting an increase in brute force attacks on the administration interfaces of WordPress installations. In a blog post, HostGator says its customers have registered attacks from over 90,000 IP addresses and content delivery network CloudFlare has also noted increased brute force activity targeting WordPress installations. Security company Sucuri has says it has seen an increase of brute force attacks since the beginning of the month.
According to these observations, the botnet is trying to gain administrative access to the WordPress installations by using a dictionary attack on popular administrator user names.
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump