From last two months WordPress Under Huge Attack by Malicious Botnet. Hackers are using thousands of individual computers and IP addresses. The botnet goes for the most obvious hack attempt: target sites with admin as the username , and will try to access that site’s password with a combination of thousands of possible passwords.
The WordPress site currently powers over 60 million websites and read by over a quarter of a billion users every month.When survey website W3Techs conducted a survey, it was found that 17% of the world’s websites are powered by WordPress.
While the attack may only succeed a small percentage of the time, the attack could result in hundreds or thousands of compromised servers when averaged over tens of thousands of sites powered by WordPress software.
I recommend following solutions for handling this issue
Change your WordPress admin Username
We can use the following article for changing the admin username
Update wordpress version
WordPress founder Matt Mullenweg advises that if you do these first three “you’ll be ahead of 99% of sites out there and probably never have a problem.”
Use the Better WP Security plugin
As most WordPress attacks are a result of plugin vulnerabilities, weak passwords, and obsolete software. Better WP Security will hide the places those vulnerabilities live keeping an attacker from learning too much about your site and keeping them away from sensitive areas like login, admin, etc.Better WP Security takes the best WordPress security features and techniques and combines them in a single plugin thereby ensuring that as many security holes as possible are patched without having to worry about conflicting features or the possibility of missing anything on your site.
With one-click activation for most features as well as advanced features for experienced users Better WP Security can help protect any site.