XML-RPC POST attack

XML-RPC POST attack

Pavel Hejn-2
Hi,

I found many ideas on how to protect a website from XML-RPC attacks (POST hits).
They suggest .htaccess protection, using a filter, deleting the file, using a special security plugin, banning IP
addresses, etc.
But I want to use this protocol on my website and wanted to ask if there is any way to protect
XML-RPC from DDoS attacks directly on the server side (Apache)?
I am searching for something which can be used for many different websites on one server.
I do not want to allow only specific IP addresses, etc.
Do you have any working solution?

Thank you very much for ideas!

Pavel
_______________________________________________
wp-hackers mailing list
[hidden email]
http://lists.automattic.com/mailman/listinfo/wp-hackers

Re: XML-RPC POST attack

Or Wilder
I suggest you use an oriented anti-DDoS service, such as Incapsula.com; we provide protection from XML-RPC attacks.
It would be much trickier to implement your own protections without stopping or disrupting the service.

-----Original Message-----
From: wp-hackers [mailto:[hidden email]] On Behalf Of Pavel Hejn
Sent: Monday, June 01, 2015 8:20 PM
To: [hidden email]
Subject: [wp-hackers] XML-RPC POST attack

Hi,

I found many ideas on how to protect a website from XML-RPC attacks (POST hits).
They suggest .htaccess protection, using a filter, deleting the file, using a special security plugin, banning IP addresses, etc.
But I want to use this protocol on my website and wanted to ask if there is any way to protect XML-RPC from DDoS attacks directly on the server side (Apache)?
I am searching for something which can be used for many different websites on one server.
I do not want to allow only specific IP addresses, etc.
Do you have any working solution?

Thank you very much for ideas!

Pavel

Re: XML-RPC POST attack

Michael Van Winkle
I would agree with Or Wilder, but if you want to do it yourself I recommend
blocking via iptables if possible. Here's a write-up of how I do it:

http://www.mikevanwinkle.com/block-a-hacker-post-attack-on-wordpress-xmlrpc-php/

On Mon, Jun 1, 2015 at 10:23 AM, Or Wilder <[hidden email]> wrote:

> I suggest you use an oriented anti DDoS service, such as Incapsula.com, we
> provide protections from XML-RPC attacks.
> It would be much trickier to implement your own protections without
> stopping or disrupting the service.
>
> -----Original Message-----
> From: wp-hackers [mailto:[hidden email]] On
> Behalf Of Pavel Hejn
> Sent: Monday, June 01, 2015 8:20 PM
> To: [hidden email]
> Subject: [wp-hackers] XML-RPC POST attack
>
> Hi,
>
> I found many ideas on how to protect a website from XML-RPC attacks (POST hits).
> They suggest .htaccess protection, using a filter, deleting the file, using a special
> security plugin, banning IP addresses, etc.
> But I want to use this protocol on my website and wanted to ask if there
> is any way to protect XML-RPC from DDoS attacks directly on the server side
> (Apache)?
> I am searching for something which can be used for many different
> websites on one server.
> I do not want to allow only specific IP addresses, etc.
> Do you have any working solution?
>
> Thank you very much for ideas!
>
> Pavel



--
Mike Van Winkle
708-289-3136
[hidden email]
http://www.mikevanwinkle.com
http://www.twitter.com/mpvanwinkle
http://www.facebook.com/mpvanwinkle


"All excellent things are as difficult as they are rare." -Spinoza
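
One way to pick the source addresses for the iptables blocking suggested above, as an added example that is not from this thread or the linked write-up. It assumes Apache's "combined" log format and a per-minute POST threshold chosen by the operator; the function names and the sample log are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in Apache "combined" log format (documentation-range IPs).
sample_log() {
cat <<'EOF'
203.0.113.7 - - [01/Jun/2015:20:20:01 +0200] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "-"
203.0.113.7 - - [01/Jun/2015:20:20:02 +0200] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "-"
203.0.113.7 - - [01/Jun/2015:20:20:40 +0200] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "-"
203.0.113.7 - - [01/Jun/2015:20:21:05 +0200] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "-"
192.0.2.50 - - [01/Jun/2015:20:22:10 +0200] "POST /blog/xmlrpc.php?x=1 HTTP/1.1" 200 370 "-" "-"
192.0.2.50 - - [01/Jun/2015:20:22:11 +0200] "POST /blog/xmlrpc.php HTTP/1.1" 200 370 "-" "-"
192.0.2.50 - - [01/Jun/2015:20:22:12 +0200] "POST /blog/xmlrpc.php HTTP/1.1" 200 370 "-" "-"
198.51.100.23 - - [01/Jun/2015:20:22:30 +0200] "POST /xmlrpc.php HTTP/1.1" 200 512 "-" "-"
198.51.100.23 - - [01/Jun/2015:20:22:31 +0200] "GET /xmlrpc.php HTTP/1.1" 405 42 "-" "-"
EOF
}

# xmlrpc_offenders THRESHOLD < access.log
# Prints "ip peak" for every client whose POSTs to any */xmlrpc.php reach
# THRESHOLD within one clock minute (fixed buckets, not a sliding window).
xmlrpc_offenders() {
    awk -v limit="$1" '
        $6 == "\"POST" {
            path = $7
            sub(/\?.*/, "", path)                # drop the query string
            if (path !~ /\/xmlrpc\.php$/) next   # any site on the server
            minute = substr($4, 2, 17)           # dd/Mon/yyyy:HH:MM
            n = ++hits[$1 SUBSEP minute]
            if (n > peak[$1]) peak[$1] = n
        }
        END {
            for (ip in peak) if (peak[ip] >= limit) print ip, peak[ip]
        }
    ' | sort
}

# block_rules THRESHOLD < access.log
# Prints iptables commands for review; nothing is executed.
block_rules() {
    xmlrpc_offenders "$1" | while read -r ip count; do
        printf 'iptables -I INPUT -s %s -p tcp -m multiport --dports 80,443 -j DROP  # peak %s POSTs/min\n' "$ip" "$count"
    done
}

sample_log | block_rules 3
```

Because the count is taken from the server-wide access log, one threshold covers every site on the host and clients below it keep working. Behind a reverse proxy or CDN the first log field is the proxy's address, so the log format must record the real client address before the output is usable.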