if you try to login to your WordPress admin area and you receive an error message “Not acceptable” or are unable to login at all, this is because the server administrator is currently blocking a WordPress brute force attack. These brute force attacks began in April 2013 and hackers and bots have continued to exploit vulnerabilities in the wordpress framework. Unfortunately we've noticed an increase in these brute force attacks again during this period as hackers/exploiters attempt new brute force methods. Our server administrators are working hard to block these attacks.
There's more information on them at http://www.siliconrepublic.com/enterprise/item/32269-major-brute-force-attack-ag
If you are not currently seeing the "Not acceptable" error message or are unable to login at all, please refresh the page in a few hours when the attack will have ended.
If you have WordPress installed on your hosting account, at your earliest possible opportunity we very strongly recommend you take the following steps:
1) Make sure the admin area has a very secure password. For example, “secret1″ is a very insecure password and “Z#hups$M4!Z” is a good secure password. We always recommend using the password generator
2) Make sure your WordPress core is up-to-date (always use the latest version, without any exception)
3) Make sure your WordPress plugins are up-to-date (always use the latest plugins, without any exception)
4) Install the Better WP Security plugin or iThemes security. It will help block bots from your wp-login page.
5) Make sure your WordPress theme is up-to-date (and importantly, REMOVE any old inactive themes from the /wp-content/themes/ directory because old theme files are part of a new hack/exploit)
If you have any questions, please let us know.
