WordPress.com Suffers Largest DDoS Attack In Its History

After recovering from the largest Distributed Denial of Service attack in the service’s history (“multiple Gigabits per second and tens of millions of packets per second”) yesterday morning, blog host WordPress.com was attacked again very early this morning, finally stabilizing its service at 11:15 UTC (around 3:15 am PST). WordPress.com serves 18 million sites, many of them news sites like our own, which lead some to conjecture that the attacks had come from the Middle East, a region experiencing its own Internet issues at the moment. Not so says Automattic founder Matt Mullenweg, who tells me that 98% of the attacks over the past two days originated in China with a small percentage coming from Japan and Korea. According to Mullenweg one of the targeted sites was a Chinese-language site operating on WordPress.com which also appears to be blocked on Baidu, China’s major search engine. WordPress.com doesn’t know exactly why the site was targeted and won’t release the name until it does. Based on the extent of the attacks Mullenweg tells me that they appear to be politically motivated. More: leaksource.wordpress.com