Hi I’m running a Centos droplet with Directadmin an CSF that hosts a few wordpress installs.
But one of these keeps getting hammered with xmlrpc attacks that almost bring the droplet to a halt.

I read somewhere that you can create custom regex for configserver firewall.

I there anyone that can help me by explaining how the write the correct script to mitigate these attacks using CSF?


These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
1 answer

Take a look at this entry on wordpress.org > support forums

Try adding the following to the .htaccess file in your root directory:

<Files “xmlrpc.php”>
Order Allow,Deny
deny from all