Automattic Improves WordPress Security With BruteProtect Acquisition
The lead sponsor of the open-source WordPress content management system makes plug-in security free.The open-source WordPress blogging and content management system software is widely deployed and is also often attacked. In a bid to improve security, Automattic, the lead commercial sponsor behind WordPress, announced on Aug. 26 that it has acquired security vendor BruteProtect. Financial terms of the deal have not been publicly disclosed. BruteProtect provides multiple security capabilities for WordPress sites. Prior to being acquired by Automattic, BruteProtect offered a free and a paid Pro version of its service. The free version provides WordPress sites with protection against brute force attacks. Brute force attacks can take many forms but typically involve an attacker automatically trying out multiple username/password combinations in order to gain access to a site. Brute force attacks against WordPress sites are not theoretical; they are in fact a danger that impacts sites on a regular basis. In July, eWEEK reported on one such large-scale brute force attack against WordPress attempting to gain access via the wp.getUsersBlogs function, which is intended to provide an administrator with a list of blogs. According to BruteProtect, the free version of its software has protected users from 141 million attacks since April 2013. In addition to the free version, BruteProtect has a Pro version, which was offered at a subscription rate of $5 a month. The paid service is now being offered for free by Automattic to all WordPress users via its Jetpack plug-in. Jetpack is an optional plug-in for WordPress sites that provides services from Automattic. The BruteProtect Pro capabilities include uptime monitoring of WordPress sites as well as update alerts for WordPress plug-ins and themes.
"The BruteProtect team is based in Portland, Maine, and they're long-time contributors to the WordPress community," WordPress founder Matt Mullenweg wrote. "We're excited to see them join forces with the Jetpack team and up the level of security, protection, and peace of mind we'll be able to bring to the millions of sites already using Jetpack."