Nearly 18 million blogs hosted by WordPress were either slowed or offline this afternoon after the service was hit with an unusually large distributed denial of service (DDoS) attack, according to Automattic, which operates the hosting service. “The size of the attack is multiple Gigabits per second and tens of millions of packets per second,” WordPress said in a status update. “We are working to mitigate the attack, but because of the extreme size, it is proving rather difficult.”
The attack eventually subsided, allowing WordPress.com to restore service. Automattic was working with its upstream network providers to defend against a recurrence of the attack, WordPress founder Matt Mullenweg told TechCrunch, which is hosted on the WordPress.com VIP Hosting service and affected by the attack.
Mullenweg said the attack “was large enough to impact all three of our datacenters in Chicago, San Antonio, and Dallas. … This is the largest and most sustained attack we’ve seen in our 6 year history. We suspect it may have been politically motivated against one of our non-English blogs but we’re still investigating and have no definitive evidence yet.”