DDOS attack WordPress – April 2013 – fix

there has been a widespread DDOS campaign targetting the popular CMS script WordPress, inparticular the file used to log into the admin area of the script; wp-login.php. Large numbers of IP addresses from across the world have been attacking any files they can find, resulting in massive issues for web hosts and the stability of web servers.

to prevent from attack , please edit your .htaccess file and only allow your IP to access wordpress admin  area

<Files ~ “^wp-login.php”>
Order deny,allow
allow from x.x.x.x/24
Deny from all
</Files>