Mitigating a xmlrpc attack with config server

April 19, 2016 2.9k views
Firewall WordPress CentOS

Hi I’m running a Centos droplet with Directadmin an CSF that hosts a few wordpress installs.
But one of these keeps getting hammered with xmlrpc attacks that almost bring the droplet to a halt.

I read somewhere that you can create custom regex for configserver firewall.

I there anyone that can help me by explaining how the write the correct script to mitigate these attacks using CSF?


1 Answer

Take a look at this entry on > support forums

Try adding the following to the .htaccess file in your root directory:

<Files “xmlrpc.php”>
Order Allow,Deny
deny from all

Have another answer? Share your knowledge.