WordPress XMLRPC attacks – How to prevent

What is WordPress XMLRPC

RPC stands for Remote Procedure Call. WordPress XMLRPC is a protocol that allows remote systems to communicate with WordPress. The language used to communicate is XML. With WordPress XMLRPC support, you can post to your WordPress blog using many popular weblog clients. XML-RPC functionality has been turned on by default since WordPress 3.5.

Brute Force Attack through WordPress XMLRPC

Attackers use the system.multicall method in XML-RPC to combine hundreds of requests into a single request to attack a system, mostly to guess the username and password for the system. This is called a Brute Force Amplification Attack via WordPress XML-RPC.

How to prevent XMLRPC attack

The most recommended way is to disable XML-RPC completely. To disable XML-RPC completely, add the following to your Apache configuration file.

[crayon-599c79c3bd3fc275256270/]

Some WordPress plugins, e.g. Jetpack, are based on XML-RPC. In that case it is not possible to disable XML-RPC entirely. Instead, you can disable system.multicall requests through your firewall.

Check server logs regularly and find IPs...
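To illustrate what a firewall rule against system.multicall has to look at, here is an added example (not code from the original post) that inspects an XML-RPC request body and blocks it when the outer method is system.multicall. The function names, the 64 KiB size cap and the sample bodies with placeholder credentials are assumptions constructed for this illustration.

```python
import xml.etree.ElementTree as ET
from collections import Counter

MAX_BODY = 64 * 1024  # assumed cap on XML-RPC request size

def inspect_xmlrpc(body: bytes) -> dict:
    """Parse an XML-RPC request; count the calls nested in system.multicall."""
    result = {"method": None, "nested": Counter(), "malformed": True}
    # XML-RPC needs no DTD: refuse it so entity-expansion payloads are never parsed.
    if len(body) > MAX_BODY or b"<!DOCTYPE" in body or b"<!ENTITY" in body:
        return result
    try:
        root = ET.fromstring(body)
    except ET.ParseError:
        return result
    if root.tag != "methodCall":
        return result
    result["malformed"] = False
    result["method"] = (root.findtext("methodName") or "").strip()
    if result["method"] == "system.multicall":
        # Each nested call is a <struct> with a member named "methodName".
        for member in root.iter("member"):
            if (member.findtext("name") or "").strip() != "methodName":
                continue
            name = member.findtext("value/string") or member.findtext("value") or ""
            result["nested"][name.strip()] += 1
    return result

def verdict(body: bytes) -> str:
    """Block malformed bodies and every system.multicall request."""
    info = inspect_xmlrpc(body)
    blocked = info["malformed"] or info["method"] == "system.multicall"
    return "block" if blocked else "allow"

# Constructed samples (placeholder credentials, not captured traffic).
_CALL = (b"<value><struct><member><name>methodName</name>"
         b"<value><string>wp.getUsersBlogs</string></value></member>"
         b"<member><name>params</name><value><array><data><value><array><data>"
         b"<value><string>USER</string></value><value><string>GUESS</string></value>"
         b"</data></array></value></data></array></value></member></struct></value>")
SAMPLE_MULTICALL = (b"<?xml version='1.0'?><methodCall>"
                    b"<methodName>system.multicall</methodName><params><param>"
                    b"<value><array><data>" + _CALL * 2 +
                    b"</data></array></value></param></params></methodCall>")
SAMPLE_SINGLE = (b"<?xml version='1.0'?><methodCall>"
                 b"<methodName>demo.sayHello</methodName><params/></methodCall>")

if __name__ == "__main__":
    for s in (SAMPLE_MULTICALL, SAMPLE_SINGLE):
        print(verdict(s), dict(inspect_xmlrpc(s)["nested"]))
```

The nested-call count is the number worth logging: one HTTP request in the access log can carry many login attempts, so request counts per IP alone understate the activity.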