Viewing 8 replies - 1 through 8 (of 8 total)
  • Plugin Author AITpro

    (@aitpro)

    Maybe you are misunderstanding what the Security Log is for. The Security Log logs blocked hackers and spammers. So if a hacker or spammer was already being blocked then you do not have to add any additional blocking code. The Security Log is just like your Apache server log. It just logs things. You cannot stop a hacker or spammer from trying to hack or spam your website unless you fly to wherever they are in the world and smash their server. You can block them from successfully hacking or spamming your website and the Security Log will log that they are blocked.

    Our sites sometimes get attacked at a rate of 1,000 attacks per second – 60,000 attacks per minute – 360,000 attacks per hour – 8,640,000 attacks per day for several days. This amount of attacks does not affect anything. There are no noticeable website performance issues or anything else that is noticeable. The only thing that is noticeable is more zipped security log emails are sent because the log files fill up very quickly.

    So with all of that said, you can use either or both of these additional BPS Bonus Custom Codes to protect your xmlrpc.php file and/or XML-RPC server. The steps to add either or both Bonus Custom Codes are included in the Forum topics.

    http://forum.ait-pro.com/forums/topic/wordpress-xml-rpc-ddos-protection-protect-xmlrpc-php-block-xmlrpc-php-forbid-xmlrpc-php/
    http://forum.ait-pro.com/forums/topic/post-request-protection-post-attack-protection-post-request-blocker/

    Plugin Author AITpro

    (@aitpro)

    Did this answer all of your questions? If so, please resolve this thread. If not, please post any additional questions you may have. Thanks.

    Thread Start Date: 4-18-2016
    Current Date: 4-19-2016

    Thread Starter sweetmelody

    (@sweetmelody)

    1. Thank you very much for the kind education. 🙂
    2. This really makes my day > “You cannot stop a hacker or spammer from trying to hack or spam your website unless you fly to wherever they are in the world and smash their server”, lol, thanks!
    3. If I get something like this about the XML-RPC in the error log, does it mean it’s not yet protected and hence the bonus code is required?

    HTTP_CLIENT_IP:
    HTTP_FORWARDED:
    HTTP_X_FORWARDED_FOR:
    HTTP_X_CLUSTER_CLIENT_IP:
    REQUEST_METHOD: GET
    HTTP_REFERER:
    REQUEST_URI: /xmlrpc.php

    4. If the protection code is required, is the following the correct code to be added in the custom code panel (to deny all access via xml-rpc)?

    <FilesMatch "^(xmlrpc\.php)">
    Order Deny,Allow
    Deny from all
    </FilesMatch>

    Sorry, if you find my questions are dumb indeed, I’m still learning, many thanks for granting your precious time!

    Plugin Author AITpro

    (@aitpro)

    The BPS Security Log is a security log and an error log. If you are seeing 403 log entries for the xmlrpc.php file then it was blocked/protected. Yes, that code you posted is valid and you can use that code if you want to. See either of the forum links I posted in my previous replies for the Custom Code steps to add your custom htaccess code.
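
The rule discussed above uses the Apache 2.2 access directives (`Order`, `Deny from all`). As an added example, not part of the thread and not the BPS Bonus Custom Code itself, here is the same deny-all rule for xmlrpc.php written so that it also works on Apache 2.4 hosts where mod_access_compat is not loaded; it assumes no IP addresses need to be whitelisted.

```apache
# Added example: deny every request to xmlrpc.php on Apache 2.2 and 2.4.
# The FilesMatch pattern is the one from the question above.
<FilesMatch "^(xmlrpc\.php)">

  # Apache 2.4+: mod_authz_core provides the Require directive.
  <IfModule mod_authz_core.c>
    Require all denied
  </IfModule>

  # Apache 2.2: mod_authz_core does not exist, so fall back to the
  # older Order/Deny syntax. Order needs both keywords; "Deny,Allow"
  # evaluates Deny rules first and, with no Allow line, blocks everyone.
  # On a 2.4 server without mod_access_compat these two directives are
  # unknown commands in .htaccess and produce a 500 error, which is why
  # they are wrapped in the negated IfModule test.
  <IfModule !mod_authz_core.c>
    Order Deny,Allow
    Deny from all
  </IfModule>

</FilesMatch>
```

With the rule in place, a request for /xmlrpc.php is answered with a 403, which is the kind of entry the Security Log records.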

    Plugin Author AITpro

    (@aitpro)

    Did this answer all of your questions? If so, please resolve this thread. If not, please post any additional questions you may have. Thanks.

    Thread Start Date: 4-18-2016
    Current Date: 4-21-2016

    Thread Starter sweetmelody

    (@sweetmelody)

    I’m seeing 403 log entries for the xmlrpc.php but I haven’t added the bonus code yet, the current BPS version already has the protection by default?

    Plugin Author AITpro

    (@aitpro)

    The standard BPS htaccess files do not include xmlrpc.php protection by default. You would have to add that htaccess code. The BPS Security Log logs all 403 errors whether or not the 403 error is related to or caused by BPS.

    Thread Starter sweetmelody

    (@sweetmelody)

    Thanks and happy weekend!

  • The topic ‘Bonus Code: XML-RPC DDoS Protection’ is closed to new replies.