WordPress 4.5.1 New Exploit XMLRPC DDOS

  • Good morning, in the last few days I noticed that my Apache server and MySQL were using up nearly all of the RAM on the server. Turns out that I have had a plethora of XMLRPC.PHP POST HTTP requests that were bogging down the server and denying service.

    Nothing I try is working to prevent this hack! I've had to shut down the server in the meantime. The following are some of the things that I have tried:

    Running the command "grep xmlrpc /var/log/apache2/access.log" shows:
    185.103.252.3 - - [03/May/2016:02:19:38 +0000] "POST /xmlrpc.php HTTP/1.0" 500 548 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)"

    TRIED BLOCKING USING APACHE
    -sudo nano /etc/apache2/sites-available/000-default.conf
    #BLOCK XMLRPC.PHP TRAFFIC, SLOWED DOWN THE COMPUTER!
    <files xmlrpc.php>
    order allow,deny
    deny from all
    </files>
    -sudo service apache2 restart

    TRIED BLOCKING USING HTACCESS
    sudo nano /var/www/html/.htaccess
    # BEGIN Disable XML-RPC.PHP
    <Files xmlrpc.php>
    order allow,deny
    deny from all
    </Files>
    # END Disable XML-RPC.PHP

    TRIED BLOCKING IN WPCONFIG
    sudo nano /var/www/html/wp-config.php
    *Add after require_once(ABSPATH . 'wp-settings.php');
    add_filter('xmlrpc_enabled', '__return_false');
    sudo nano /var/www/html/wp-content/themes/pinnacle-child/functions.php
    function remove_x_pingback($headers) {
        unset($headers['X-Pingback']);
        return $headers;
    }
    add_filter('wp_headers', 'remove_x_pingback');

    PLEASE HELP!
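
An added example, not part of the original post: one way to check from the access log whether a `<Files xmlrpc.php>` deny rule like the ones above is taking effect, by counting `POST /xmlrpc.php` hits per client IP and per status code. A 403 means Apache refused the request, while any other status (such as the 500 in the grep output above) means the request was still handled. It assumes Apache's combined log format; the function names, sample lines and documentation-range IPs are constructed for illustration.

```python
import re
from collections import Counter, defaultdict

# Apache combined format: ip ident user [time] "METHOD path PROTO" status size ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)

# Constructed sample lines (not from the poster's server).
SAMPLE = '''\
192.0.2.10 - - [03/May/2016:02:19:38 +0000] "POST /xmlrpc.php HTTP/1.0" 500 548 "-" "Mozilla/4.0"
192.0.2.10 - - [03/May/2016:02:19:39 +0000] "POST /xmlrpc.php HTTP/1.0" 500 548 "-" "Mozilla/4.0"
192.0.2.10 - - [03/May/2016:02:25:01 +0000] "POST /xmlrpc.php HTTP/1.0" 403 497 "-" "Mozilla/4.0"
198.51.100.7 - - [03/May/2016:02:25:02 +0000] "POST /xmlrpc.php HTTP/1.0" 403 497 "-" "Mozilla/4.0"
203.0.113.5 - - [03/May/2016:02:26:00 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
'''

def summarize_xmlrpc(lines):
    """Return {ip: Counter({status: hits})} for POST requests to xmlrpc.php."""
    per_ip = defaultdict(Counter)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a combined-format line
        path = m.group("path").split("?", 1)[0]  # ignore any query string
        if m.group("method") == "POST" and path.endswith("/xmlrpc.php"):
            per_ip[m.group("ip")][int(m.group("status"))] += 1
    return dict(per_ip)

def not_blocked(summary):
    """(ip, hits) for xmlrpc.php POSTs answered with anything but 403, busiest first."""
    rows = [(ip, sum(n for status, n in c.items() if status != 403))
            for ip, c in summary.items()]
    return sorted((r for r in rows if r[1] > 0), key=lambda r: (-r[1], r[0]))

if __name__ == "__main__":
    summary = summarize_xmlrpc(SAMPLE.splitlines())
    for ip, statuses in summary.items():
        print(ip, dict(statuses))
    print("not blocked:", not_blocked(summary))
```

To run it against a real log, pass `open("/var/log/apache2/access.log")` to `summarize_xmlrpc` instead of the sample lines.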
