Feature request – block xmlrpc attacks
-
Attackers are abusing the XML-PRC “pingback” feature of WordPress blog sites to launch DDoS attacks on other sites: http://blog.spiderlabs.com/2014/03/wordpress-xml-rpc-pingback-vulnerability-analysis.html
How about logging xmlrcp.php requests, so we can set up a fail2ban jail if needed? Even if pingback/trackback are disabled, those attacks are causing server overloads.
Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
- The topic ‘Feature request – block xmlrpc attacks’ is closed to new replies.