Re: wp-hackers Digest, Vol 125, Issue 1


Chris Rudzki
You can also whitelist, or increase the threshold, on Automattic ranges
if you like:
http://whois.arin.net/rest/org/AUTOM-93/nets


-Chris

> [hidden email]
> June 2, 2015 at 8:00 AM
>
> Today's Topics:
>
> 1. XML-RPC POST attack (Pavel Hejn)
> 2. Re: XML-RPC POST attack (Or Wilder)
> 3. Re: XML-RPC POST attack (Michael Van Winkle)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Mon, 01 Jun 2015 19:20:03 +0200
> From: Pavel Hejn <[hidden email]>
> To: [hidden email]
> Subject: [wp-hackers] XML-RPC POST attack
> Message-ID: <[hidden email]>
> Content-Type: text/plain; charset=iso-8859-2; format=flowed
>
> Hi,
>
> I found many ideas on how to protect a website from XML-RPC attacks (POST hits).
> They suggest .htaccess protection, using a filter, deleting the file, using a
> special security plugin, banning IP addresses, etc.
> But I want to use this protocol on my website and wanted to ask if there is
> any way to protect XML-RPC from DDoS attacks directly on the server side (Apache)?
> I am searching for something which can be usable for many different
> websites on one server.
> I do not want to allow only specific IP addresses, etc.
> Do you have any working solution?
>
> Thank you very much for ideas!
>
> Pavel
>
>
> ------------------------------
>
> Message: 2
> Date: Mon, 1 Jun 2015 17:23:44 +0000
> From: Or Wilder <[hidden email]>
> To: "[hidden email]"
> <[hidden email]>
> Subject: Re: [wp-hackers] XML-RPC POST attack
> Message-ID:
> <[hidden email]>
>
> Content-Type: text/plain; charset="us-ascii"
>
> I suggest you use an oriented anti DDoS service, such as
> Incapsula.com, we provide protections from XML-RPC attacks.
> It would be much trickier to implement your own protections without
> stopping or disrupting the service.
>
> -----Original Message-----
> From: wp-hackers [mailto:[hidden email]] On
> Behalf Of Pavel Hejn
> Sent: Monday, June 01, 2015 8:20 PM
> To: [hidden email]
> Subject: [wp-hackers] XML-RPC POST attack
>
> Hi,
>
> I found many ideas on how to protect a website from XML-RPC attacks (POST hits).
> They suggest .htaccess protection, using a filter, deleting the file, using a
> special security plugin, banning IP addresses, etc.
> But I want to use this protocol on my website and wanted to ask if there is
> any way to protect XML-RPC from DDoS attacks directly on the server side (Apache)?
> I am searching for something which can be usable for many different
> websites on one server.
> I do not want to allow only specific IP addresses, etc.
> Do you have any working solution?
>
> Thank you very much for ideas!
>
> Pavel
> _______________________________________________
> wp-hackers mailing list
> [hidden email]
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>
>
> ------------------------------
>
> Message: 3
> Date: Mon, 1 Jun 2015 11:35:54 -0700
> From: Michael Van Winkle <[hidden email]>
> To: [hidden email]
> Subject: Re: [wp-hackers] XML-RPC POST attack
> Message-ID:
> <[hidden email]>
> Content-Type: text/plain; charset=UTF-8
>
> I would agree with Or Wilder, but if you want to do it yourself I recommend
> blocking via iptables if possible. Here's a write-up of how I do it:
>
> http://www.mikevanwinkle.com/block-a-hacker-post-attack-on-wordpress-xmlrpc-php/
>
>
>
>

--
Automattic, [hidden email]
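
The threshold-plus-allowlist idea from the reply above, as an added example that is not part of the original message: it counts POSTs to /xmlrpc.php per client in Apache access-log lines and applies a higher limit to allowlisted ranges. The CIDR (an RFC 5737 documentation range standing in for the ranges at the ARIN link), the limits, the window and the log lines are all constructed assumptions.

```python
import ipaddress
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Placeholder allowlist: RFC 5737 documentation range, NOT a real Automattic range.
ALLOWLIST = [ipaddress.ip_network("192.0.2.0/24")]
WINDOW = timedelta(seconds=60)   # assumed sliding window
BASE_LIMIT = 3                   # assumed POSTs per window for ordinary clients
ALLOWLIST_LIMIT = 30             # assumed raised threshold for allowlisted ranges

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+)')

def limit_for(ip):
    """Pick the per-window limit; raises ValueError if ip is not an address."""
    addr = ipaddress.ip_address(ip)
    return ALLOWLIST_LIMIT if any(addr in net for net in ALLOWLIST) else BASE_LIMIT

def over_threshold(lines):
    """Return {ip: peak POSTs per window} for clients that exceeded their limit.
    Assumes each client's lines arrive in time order, as in an access log."""
    recent, flagged = defaultdict(deque), {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST" or m["path"].split("?")[0] != "/xmlrpc.php":
            continue
        try:
            ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
            limit = limit_for(m["ip"])
        except ValueError:
            continue  # malformed timestamp or client field: skip the line
        q = recent[m["ip"]]
        q.append(ts)
        while ts - q[0] > WINDOW:   # drop hits that fell out of the window
            q.popleft()
        if len(q) > limit:
            flagged[m["ip"]] = max(flagged.get(m["ip"], 0), len(q))
    return flagged

def sample_log():
    """Constructed lines: a burst, an allowlisted client, one GET."""
    fmt = '{} - - [01/Jun/2015:19:20:{:02d} +0200] "{} /xmlrpc.php HTTP/1.1" 200 370'
    rows = [fmt.format("203.0.113.9", s, "POST") for s in range(5)]
    rows += [fmt.format("192.0.2.10", s, "POST") for s in range(5)]
    return rows + [fmt.format("198.51.100.7", 9, "GET")]

if __name__ == "__main__":
    for ip, peak in over_threshold(sample_log()).items():
        print(f"{ip}: {peak} POSTs to /xmlrpc.php within {WINDOW}, over its limit")
```

The returned addresses are candidates for whatever blocking layer is in use, such as the iptables approach mentioned in the thread.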