Allowable IP Addresses written into .htaccess? | WordPress.org

Resolved Unsu
(@unsu)

1 year ago

I have your plugin used on many sites, and it cut my brute force attacks down by 100%, so have been very happy.

I noticed on one site today my htaccess file was modified with 10 entries of ‘Allow from xxx.xxx.xxx.xxx/32’ inside the DS-XML-RPC-API <Files>.

I didn’t whitelist any IPs in the settings. I don’t see these allowed IPS on any other site htaccess files with this plugin.

Were these added maliciously, should I be concerned? Thanks!

Viewing 2 replies - 1 through 2 (of 2 total)

Plugin Author Amin Nazemi
(@aminnz)

1 year ago

Hello, @unsu
In the last update, we added some new features one of them is allowing Jetpack to access your XML-RPC by whitelisting the main Jetpack ip’s.
You don’t need to worry, but if you don’t use Jetpack on your website, you can turn off this feature in the plugin settings.

Thread Starter Unsu
(@unsu)

1 year ago

Excellent – thank you for your work.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Allowable IP Addresses written into .htaccess?’ is closed to new replies.

In: Plugins
2 replies
2 participants
Last reply from: Unsu
Last activity: 1 year ago
Status: resolved

Views