WordPress XML-RPC DDoS Attacks

Home Forums BulletProof Security Pro WordPress XML-RPC DDoS Attacks

Tagged: ,

Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • March 17, 2014 at 12:46 pm #13893
    Krzysztof
    Participant

    Hello,

    a just read on a Polish security website that there is a problem with WordPress and that they had a massive attack even with cloudflarre helping them. It is something connected with this http://www.incapsula.com/blog/wordpress-security-alert-pingback-ddos.html

    Coud BPS Pro somehow help with this?

    March 17, 2014 at 12:56 pm #13894
    AITpro Admin
    Keymaster

    Yes, we are aware of the rise in WordPress XML-RPC DDoS exploits/attacks and have created a solution in the link below as new Bonus Code since folks will want a choice on whether or not to protect their website or not or roll the dice.  The WordPress XML-RPC issue is not a new issue, but it appears that this is going to become a more frequent attack vector judging by the new numbers of attacks/exploits going on currently.  You will see a new Bonus Code Dismiss Notice in BPS Pro 8.3 so if you add this Bonus Code now then you can just dismiss that Dismiss Notice when you upgrade to BPS Pro 8.3.

    http://forum.ait-pro.com/forums/topic/wordpress-xml-rpc-ddos-protection-protect-xmlrpc-php-block-xmlrpc-php-forbid-xmlrpc-php/

    March 17, 2014 at 1:07 pm #13897
    Krzysztof
    Participant

    Sory. My bad. I just saw this topic a few minutes after posting and was just puting the extra custom code and running it 😉

     

    March 17, 2014 at 1:11 pm #13899
    AITpro Admin
    Keymaster

    Actually thanks for letting us know about this.  Someone else beat you to the punch by only a few days.  We always want to know about any new attacks that are going on so thank you for posting this.

    March 17, 2014 at 1:11 pm #13900
    Krzysztof
    Participant

    Please have a look at this coed which I found on the same Polish site in the comments:

    http://pastebin.com/NAxRyiJj

    March 17, 2014 at 1:21 pm #13901
    AITpro Admin
    Keymaster

    The IfModule mod_rewrite section of code is already included in BPS .htaccess files/code, but it is much more sophisticated and comprehensive than the .htaccess code example in the pastebin link.  The bad bot blocking code looks ok.  You can add it to BPS Custom Code if you want to use it.  It would go in this Custom Code text box:  

  • Author
    Posts
Viewing 6 posts - 1 through 6 (of 6 total)
  • You must be logged in to reply to this topic.