Viewing 6 replies - 1 through 6 (of 6 total)
Plugin Author Paul

    (@paultgoodchild)

    Hi Gary,

    Thanks for the question.

    The XML-RPC problem is not an exploit or vulnerability as such, it basically will just bring down a site/server with a DDoS.

    The “solution” that sucuri is referring to in their article simply prevents your WordPress site from being *used* to attack other WordPress sites. It doesn’t stop you from being a target and there is ultimately no way to protect against this. This whole problem is ultimately for the WordPress core dev team to address.

However, I would recommend you use a web firewall such as CloudFlare that will, in general, help protect against many attacks.

    They have a setting specifically to protect you against the DDOS but it’s in their pro plan (http://blog.cloudflare.com/wordpress-pingback-attacks-and-our-waf) but either way, worth having their service regardless.

    I hope that helps.
    Paul.

    Thread Starter Gary Gordon

    (@garymgordon)

    Paul,

    Thanks for following up.

    So, I guess there’s no way that WP Simple Firewall can include any protection against this or is it just not worth worrying about?

    Gary

    Plugin Author Paul

    (@paultgoodchild)

The best way to prevent this is to block access to the xml-rpc system, which is best done through the use of .htaccess or removing it altogether.

    With the Simple Firewall we’ve opted from the outset to not need to modify core files on the filesystem.

These sorts of exploits are best handled at the server level – i.e. before WordPress is even loaded. And to do that you could edit your .htaccess files, as one example.

    We may adapt our stance on modifying system files, but we like to be hands-off the .htaccess files, as with so many plugins all playing with core files like that, we never wanted to join that party. It can get quite messy.

Best to disable your XMLRPC (and I think we could offer the option within the plugin to do that).
    http://wpengineer.com/2484/xml-rpc-enabled-by-default-in-wordpress-3-5/

    Fire on CloudFlare and that’ll help you with ddos and dodgy traffic in a huge way.
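For reference, the server-level block described above, as an added example (not the Simple Firewall plugin's code, and not posted in this thread): an Apache .htaccess rule that denies every request to xmlrpc.php before WordPress loads. As noted later in the thread, this disables all XML-RPC functionality, not just pingbacks, so anything relying on XML-RPC (remote publishing clients, for instance) will stop working.

```apache
# Added example: deny all access to xmlrpc.php at the web-server layer.
# Place in the .htaccess at the WordPress root (next to xmlrpc.php).
# Requests are refused by Apache before PHP or WordPress runs, so a
# pingback flood never reaches the application.
<Files "xmlrpc.php">
    # Apache 2.4 and later (mod_authz_core syntax)
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    # Apache 2.2 (legacy mod_authz_host syntax)
    <IfModule !mod_authz_core.c>
        Order Deny,Allow
        Deny from all
    </IfModule>
</Files>
```

After adding the rule, a request to /xmlrpc.php should return HTTP 403 rather than the usual "XML-RPC server accepts POST requests only." message, which confirms Apache is answering instead of WordPress.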

    Thread Starter Gary Gordon

    (@garymgordon)

    Thanks again.

    I also use BulletProof Security Pro. They are adding an .htaccess block for this.

    So thanks for your info.
    Gary

    Plugin Author Paul

    (@paultgoodchild)

    Cool… I’d be careful as to the effect of that .htaccess as that might block the whole xmlrpc functionality. Not a problem if that’s what you want.

    Cheers!
    Paul.

    Thread Starter Gary Gordon

    (@garymgordon)

    Exactly. 🙂
    Gary

The topic ‘I was curious if Simple Firewall protects WP against the XML-RPC exploit?’ is closed to new replies.