Author Topic: xmlrpc and wp-login attacks  (Read 4148 times)

0 Members and 1 Guest are viewing this topic.

xmlrpc and wp-login attacks
« on: January 14, 2020, 11:18:56 AM »

I'm getting a log of attacks mainly on the wordpress xmlrpc and wp-login.php files.

Is they a way to configure CSF  to auto block these request as soon as they happen?

Some of these are now overloading the server.

Re: xmlrpc and wp-login attacks
« Reply #1 on: January 14, 2020, 01:55:12 PM »
Short answer, yes.
You need a custom regex for CSF - I haven't had the time to fully research this and don't know the syntax enough.
Wordfence helps a bit but doesn't stop the idiots trying. ;)
(You could also setup a honeypot and block them that way)

Might be better:
« Last Edit: January 14, 2020, 02:05:52 PM by ejsolutions »