han474838
By:
han474838

Mitigating a xmlrpc attack with config server

April 19, 2016 1.2k views
Firewall WordPress CentOS

Hi I'm running a Centos droplet with Directadmin an CSF that hosts a few wordpress installs.
But one of these keeps getting hammered with xmlrpc attacks that almost bring the droplet to a halt.

I read somewhere that you can create custom regex for configserver firewall.

I there anyone that can help me by explaining how the write the correct script to mitigate these attacks using CSF?

thanks
Han

1 Answer

Take a look at this entry on wordpress.org > support forums
https://wordpress.org/support/topic/how-to-prevent-denial-of-service-attacks-against-xmlrpcphp

Try adding the following to the .htaccess file in your root directory:

<Files "xmlrpc.php">
Order Allow,Deny
deny from all
</Files>

Have another answer? Share your knowledge.