[CentOS] slammed
SilverTip257
silvertip257 at gmail.comThu Oct 2 16:49:20 UTC 2014
- Previous message: [CentOS] slammed
- Next message: [CentOS] CUPS Enable printer from command line
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Thu, Oct 2, 2014 at 11:52 AM, <jwyeth.arch at gmail.com> wrote: > Disabling XMLRPC completely via wp-config.php is quite easy.. I can send > required info when I'm in front of a computer. You can also use an > .htaccess rule for Apache to stop requests completely. I'm sure there's > also rules for Nginx, lighttpd, etc that can be found quite easily via > Google. Surprised most people don't have this disabled/blocked already. > +1 I wrote an Apache rewrite rule (saved it in a separate file) that I can include on any WordPress sites getting hammered by requests to xmlrpc. There's also wp-login as well that gets brute forced from time to time. I was kicking back a HTTP 410 (gone, as opposed to 403 or 404). Of course they're stupid bots, so they keep hammering away! With some ISPs using NAT, I prefer the rewrite rule solution ... that way it stops the requests and doesn't block the IP entirely. Pros and cons of course, but I prefer a conservative approach first rather than a heavy handed one. -- ---~~.~~--- Mike // SilverTip257 //
- Previous message: [CentOS] slammed
- Next message: [CentOS] CUPS Enable printer from command line
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list