Greetings!

There have been several periodic downtimes lasting 5-15 minutes on Singapore VPS node "sgnode71" for the last few days. By investigating this issue, it has lead us to believe that there are any issues with the hardware itself. Though this motherboard model (SuperMicro X9DRI-LN4F) seems to have few known bugs in which the firmware may need to be upgraded and specific settings changed in the BIOS in order to prevent it from reducing the processor clock speed which can lead to odd issues or outages.

In order to correct these issues we have scheduled an emergency maintenance window of 30 minutes starting from Saturday, May 11, 2013 12:00 PM (SGT) .

Best Regards,

SkyNetHosting.Net Inc.

Hello.

There has been an outrage in one of the major Singapore carrier. The effected Singapore Data Centers are SGDC2 and SGDC3. Servers in SGDC1 is NOT effected by this outrage. The effected data centers are currently routing traffic another carriers to bring the network online.

Update1: The network will be restored within 30 - 45 minutes.

Update2: The network is back online.

Best Regards,

SkyNetHosting.Net Inc.

Hello.

As you may already aware, a brute force attack affected global WordPress installations. In order to protect your WordPress passwords being compromised we have added a human login verification for all WordPress login pages. This will act as an additional layer of security and will block all bots from reaching your WordPress login aria. To access your WordPress admin aria simply enter the mentioned username (skywp) and password (119wp) when prompted by your browser and then you will be able to access the normal WordPress admin login page without any issue. You can log in with your standard WordPress username and password to your WordPress account.

Best Regards,

SkyNetHosting.Net Inc.

Brute Force Attack on WordPress

On April 10th, our SEO servers that mainly hosting WordPress sites were subjected to a Brute Force Attack. Our System Administrations immediately started working on the affected servers and investigated the issue and became aware of potential brute-force attack on the default WordPress admin login pages.  A WordPress brute force attack is a method used to obtain the WordPress admin password by using automated software that generates a large number of multiple combinations of passwords to obtain the desired password.

We have already taken proactive steps to reduce the impact from these attacks by creating a custom security rules on our firewalls, however since there are thousands of IP's being used in the attack, the process of blocking attacker IP's have a direct impact on the performance all affected servers.

Your ongoing patience as our team finalizes the troubleshooting process is the best course of action, and is greatly appreciated.

Is there anything IP do?

Yes we need your help to resolve this issue. We strongly recommend that you proceed with the following with immediate effect :

1. Change your WordPress Password

Make passwords at least eight characters in length and make sure to use a mixture of upper and lower-case letters along with numbers and punctuation (such as $, &, !, etc.) added in between the letters. Having a strong password in place helps to protect against future brute-force attack attempts, and has the added benefit of significantly reducing the chances of malware being installed on your website or on our system.

You can also get a good idea on creating a strong password from www.howsecureismypassword.net (Use only dummy passwords to test - don't use your real passwords)

2. As the attack is targeted towards the WordPress sites that use admin as the username we would highly recommend you to change your admin username. Following url will explain you how to change your WordPress username

http://www.digitalkonline.com/blog/change-your-wordpress-admin-username/

3.  If you are unable to access your WordPress admin panel at this time to do the above changers, please remain patient as we have as we have disabled some WP admin url's for 24 hours in order to prevent password scanning on them. If you woild like to enable access to your PC please add the following code to your htaccess file.

<Files ~ "^wp-login.php">

Order deny,allow

Deny from all

Allow from x.x.x.x

</Files>

(replace x.x.x.x with their ip what they get from www.whatismyip.com)

For more details on editing the htaccess file and adding the code please visit the following url;

http://wordpress.noc38.com/how-to-edit-htaccess.htm

Your ongoing patience as we finalizes the troubleshooting process is the best course of action, and is greatly appreciated.

Best Regards,

SkyNetHosting.Net Inc.

-------------------------

Discussions about the Attack: 

WebHostingTalk:  http://www.webhostingtalk.com/showthread.php?t=1255387

HostGator: http://blog.hostgator.com/2013/04/11/global-wordpress-brute-force-flood/

Siliconrepublic:  http://www.siliconrepublic.com/strategy/item/32269-massive-brute-force-attack/

HostingDiscussion: http://www.hostingdiscussion.com/customer-service-support-issues/32748-wordpress-brute-force-attack.html

Sucuri.Net: http://blog.sucuri.net/2013/04/mass-wordpress-brute-force-attacks-myth-or-reality.html

HostDime: http://www.hostdime.com/blog/2013/04/brute-force-attack-affecting-global-wordpress-installations/

Hello.

Ever wonder how secure your WordPress password is? With www.howsecureismypassword.net tool that checks your WordPress Password and tell you how much time it would take for a normal PC to crack your password. Control panels such as cPanel comes with build in modules to stop such attacks but WordPress has no factuality to block such attacks by default, so if you have a weak password chances at that your blog could get compromised in no time.

We'd strongly recommend constructing fake passwords for testing purposes rather than using your actual WordPress password on www.howsecureismypassword.net . Consider HowSecureisMyPassword.Net as an interesting exercise about how adding a few characters and symbols to your password can increase its security. You can never be too paranoid about security!

Best Regards,

SkyNetHosting.Net Inc.

Hello,

We will be performing an emergency power maintenance on the rack that Server Alexis currently resides in. This maintenance will be taking place tonight (4/4) between 0000 and 0500 PDT(GMT -7). Due to the nature of the maintenance we will need to power off the server prior to the maintenance beginning, but no sooner than 0000 PDT.

If you have any questions or concerns about this upgrade, please do not hesitate to contact us.

Best Regards,

SkyNetHosting.Net Inc.

UPDATE: The maintainance was completed with 5 minutes downtime.