Author Topic: xmlrpc and wp-login attacks  (Read 216 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
xmlrpc and wp-login attacks
« on: January 14, 2020, 11:18:56 AM »
Ahoy

I'm getting a log of attacks mainly on the wordpress xmlrpc and wp-login.php files.

Is they a way to configure CSF  to auto block these request as soon as they happen?

Some of these are now overloading the server.

Offline
***
Re: xmlrpc and wp-login attacks
« Reply #1 on: January 14, 2020, 01:55:12 PM »
Short answer, yes.
You need a custom regex for CSF - I haven't had the time to fully research this and don't know the syntax enough.
Wordfence helps a bit but doesn't stop the idiots trying. ;)
(You could also setup a honeypot and block them that way)

Untested:
https://www.knownhost.com/wiki/security/csf-lfd/configure-wordpress-using-regex
Might be better:
https://forum.configserver.com/viewtopic.php?t=9447
« Last Edit: January 14, 2020, 02:05:52 PM by ejsolutions »
Running a server/VPS means YOU take responsibility to learn how to do it properly. If you can't manage, buy shared hosting.
Back to lurking mode. :-/