[wp-hackers] XML-RPC POST attack

Michael Van Winkle mike at mikevanwinkle.com
Mon Jun 1 18:35:54 UTC 2015


I would agree with Or Wilder, but if you want to do it yourself I recommend
blocking via iptables if possible. Here's a write-up of how I do it:

http://www.mikevanwinkle.com/block-a-hacker-post-attack-on-wordpress-xmlrpc-php/

On Mon, Jun 1, 2015 at 10:23 AM, Or Wilder <Or at incapsula.com> wrote:

> I suggest you use an oriented anti-DDoS service, such as Incapsula.com; we
> provide protections from XML-RPC attacks.
> It would be much trickier to implement your own protections without
> stopping or disrupting the service.
>
> -----Original Message-----
> From: wp-hackers [mailto:wp-hackers-bounces at lists.automattic.com] On
> Behalf Of Pavel Hejn
> Sent: Monday, June 01, 2015 8:20 PM
> To: wp-hackers at lists.automattic.com
> Subject: [wp-hackers] XML-RPC POST attack
>
> Hi,
>
> I found many ideas on how to protect a website from XML-RPC attacks (POST hits).
> They suggest .htaccess protection, using a filter, deleting the file, using a special
> security plugin, banning IP addresses, etc.
> But I want to use this protocol on my website and wanted to ask if there
> is any way to protect XML-RPC from DDoS attacks directly on the server side
> (Apache)?
> I am searching for something which can be used for many different
> websites on one server.
> I do not want to allow only specific IP addresses, etc.
> Do you have any working solution?
>
> Thank you very much for ideas!
>
> Pavel
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>



-- 
Mike Van Winkle
708-289-3136
mike at mikevanwinkle.com
http://www.mikevanwinkle.com
http://www.twitter.com/mpvanwinkle
http://www.facebook.com/mpvanwinkle


"All excellent things are as difficult as they are rare." -Spinoza
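
One way to approach the do-it-yourself iptables blocking mentioned in this thread, added here as an example and not taken from the linked write-up or from any poster's own code: count POSTs to xmlrpc.php per client in an Apache access log and print a DROP rule for each client over a threshold, so XML-RPC stays available to everyone else on every site on the server. The function names, the threshold of 3, the ports and the sample log lines are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. Assumes Apache common/combined log format; threshold and ports are illustrative.

# Constructed sample access-log lines (documentation IP ranges).
sample_log() {
cat <<'EOF'
203.0.113.7 - - [01/Jun/2015:18:20:01 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "-"
203.0.113.7 - - [01/Jun/2015:18:20:01 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "-"
203.0.113.7 - - [01/Jun/2015:18:20:02 +0000] "POST /blog/xmlrpc.php?x=1 HTTP/1.1" 200 370 "-" "-"
203.0.113.7 - - [01/Jun/2015:18:20:02 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "-"
203.0.113.7 - - [01/Jun/2015:18:20:03 +0000] "GET /xmlrpc.php HTTP/1.1" 405 42 "-" "-"
198.51.100.23 - - [01/Jun/2015:18:21:10 +0000] "POST /xmlrpc.php HTTP/1.1" 200 512 "-" "-"
192.0.2.9 - - [01/Jun/2015:18:22:45 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "-"
EOF
}

# xmlrpc_offenders THRESHOLD: reads log lines on stdin and prints "count ip"
# for every client with at least THRESHOLD POSTs to any xmlrpc.php path.
xmlrpc_offenders() {
    awk -v limit="$1" '
        # $1 = client address, $6 = quoted method, $7 = request path
        $6 == "\"POST" {
            path = $7
            sub(/\?.*/, "", path)                  # ignore the query string
            if (path ~ /\/xmlrpc\.php$/) hits[$1]++
        }
        END {
            for (ip in hits)
                if (hits[ip] >= limit) print hits[ip], ip
        }' | sort -k1,1nr -k2,2
}

# block_rules: turns "count ip" lines into iptables commands. The rules are
# printed for review, not executed.
block_rules() {
    while read -r count ip; do
        # Accept only digits and dots so log content cannot smuggle extra
        # arguments into the rule (IPv6 clients are skipped by this check).
        case "$ip" in
            *[!0-9.]*|"") continue ;;
        esac
        printf 'iptables -I INPUT -s %s -p tcp -m multiport --dports 80,443 -j DROP\n' "$ip"
    done
}

sample_log | xmlrpc_offenders 3 | block_rules
```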

