WordPress XML-RPC DDoS Attacks


This topic contains 5 replies, has 2 voices, and was last updated by AITpro Admin 5 years, 7 months ago.

  • #13893

    Krzysztof
    Participant

    Hello,

    I just read on a Polish security website that there is a problem with WordPress and that they had a massive attack even with Cloudflare helping them. It is something connected with this http://www.incapsula.com/blog/wordpress-security-alert-pingback-ddos.html

    Could BPS Pro somehow help with this?

    #13894

    AITpro Admin
    Keymaster

    Yes, we are aware of the rise in WordPress XML-RPC DDoS exploits/attacks and have created a solution in the link below as a new Bonus Code, since folks will want a choice on whether to protect their website or roll the dice.  The WordPress XML-RPC issue is not a new issue, but it appears that this is going to become a more frequent attack vector judging by the new numbers of attacks/exploits going on currently.  You will see a new Bonus Code Dismiss Notice in BPS Pro 8.3, so if you add this Bonus Code now then you can just dismiss that Dismiss Notice when you upgrade to BPS Pro 8.3.

    http://forum.ait-pro.com/forums/topic/wordpress-xml-rpc-ddos-protection-protect-xmlrpc-php-block-xmlrpc-php-forbid-xmlrpc-php/

    #13897

    Krzysztof
    Participant

    Sorry. My bad. I just saw this topic a few minutes after posting and was just putting the extra custom code and running it 😉

     

    #13899

    AITpro Admin
    Keymaster

    Actually thanks for letting us know about this.  Someone else beat you to the punch by only a few days.  We always want to know about any new attacks that are going on so thank you for posting this.

    #13900

    Krzysztof
    Participant

    Please have a look at this code which I found on the same Polish site in the comments:

    http://pastebin.com/NAxRyiJj

    #13901

    AITpro Admin
    Keymaster

    The IfModule mod_rewrite section of code is already included in BPS .htaccess files/code, but it is much more sophisticated and comprehensive than the .htaccess code example in the pastebin link.  The bad bot blocking code looks ok.  You can add it to BPS Custom Code if you want to use it.  It would go in this Custom Code text box:  
