Today we are releasing the WordPress attack report for February 2017. You can also find our January 2017 and December 2016 attack reports on the blog. This report contains a new kind of analysis on the top 25 attacking IPs, called topology analysis. We have used this technique to identify groups of IPs acting in concert with each other. It is a fun visual kind of analysis and is a powerful way to analyze graph data. I think you are going to find it provides a clearer picture of the WordPress threat landscape.
The report also contains the data you have come to expect, including top 25 attacking IPs and their details, charts of brute force and complex attacks, top attacked themes and plugins and top attacking countries.
Most Active IPs
I’m including our usual explanation of how the table below works. If you’re familiar with our attack reports, you can skip down to the table below which contains the February data and read my comments that follow the table.
Brief introduction if you’re new to viewing these reports
In the table below we have listed the most active attack IPs for February 2017. Note that the ‘Attacks’ column is in millions and is the total of