denial-of-service (DoS) attack – xmlrpc.php | WordPress.org

xzoom
(@xzoom)

8 years, 7 months ago

Hello,

Our server have failed several times due to high CPU load.

At the time of the fall, we have noticed about 2000 calls (in a very short time) to POST /xmlrpc.php with IP’s with diverse backgrounds.

It is possible a denial-of-service (DoS) attack?

http://blog.sucuri.net/2014/03/more-than-162000-wordpress-sites-used-for-distributed-denial-of-service-attack.html

If so, how can we control such attacks?

Thanks!

Viewing 2 replies - 1 through 2 (of 2 total)

Marc Woodyard
(@rune-vantage)

8 years, 7 months ago

You could sign up for CloudFlare or Incapsula. They are both free, and they would both add a layer of security to your site.

Moderator Ipstenu (Mika Epstein)
(@ipstenu)

🏳️‍🌈 Plugin Review Team Rep

8 years, 7 months ago

You can also use .htaccess to block access to xmlrpc, or ask your host for assistance.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘denial-of-service (DoS) attack – xmlrpc.php’ is closed to new replies.

In: Networking WordPress
2 replies
3 participants
Last reply from: Ipstenu (Mika Epstein)
Last activity: 8 years, 7 months ago
Status: not resolved

Views