[wp-hackers] WP's XML-RPC functionality a security vulnerability?

Patty Ayers patty at ayersvirtual.com
Tue Jul 22 13:53:11 UTC 2014


Thanks to all for the information on this, much appreciated.

Patty


On Tue, Jul 22, 2014 at 8:04 AM, David Anderson <david at wordshell.net> wrote:

>> I've noticed a huge surge in trash traffic to /xmlrpc.php on my big sites.
>> In my case they are coming from different IPs every time which makes them
>> very hard to block (and indicating a DDoS or at least distributed
>> intrusion attempt).
>>
>
> Distributed brute-force login attacks appear to have switched to using
> XMLRPC in the last couple of weeks. I'm seeing them on many sites. It seems
> reasonable to assume that this is because some of the solutions that
> protect against distributed and/or brute-force attacks aren't covering
> XMLRPC.
>
> I posted this and asked (the very good) BruteProtect about their plans the
> week before last, but haven't heard what they think about it yet (the link
> also has more info about the attacks):
>
> http://wordpress.org/support/topic/brute-forcing-via-xmlrpc
>
> Best wishes,
> David
>
> --
> UpdraftPlus - best WordPress backups - http://updraftplus.com
> WordShell - WordPress fast from the CLI - http://wordshell.net
>
>
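
Added example, not part of the original thread and not code from any plugin or service named in it: one way to spot the pattern described above, where each source IP stays under a per-IP limit but the combined POST volume to /xmlrpc.php is high. It assumes common/combined access-log format; the function names, thresholds and sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime

# Prefix of common/combined log format: ip, [timestamp], "METHOD path ..."
LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*"')

def xmlrpc_windows(lines, window_s=300):
    """Group POSTs to /xmlrpc.php into fixed windows: {window_start: {ip: count}}."""
    buckets = defaultdict(lambda: defaultdict(int))
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue
        ip, ts, method, path = m.groups()
        if method != "POST" or path.split("?")[0] != "/xmlrpc.php":
            continue
        epoch = int(datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z").timestamp())
        buckets[epoch - epoch % window_s][ip] += 1
    return buckets

def distributed_alerts(lines, window_s=300, total_min=20, per_ip_max=5):
    """Flag windows where IPs that each stay at or below per_ip_max (so a
    per-IP limiter never fires) together send at least total_min POSTs."""
    alerts = []
    for start, per_ip in sorted(xmlrpc_windows(lines, window_s).items()):
        quiet = [c for c in per_ip.values() if c <= per_ip_max]
        if sum(quiet) >= total_min:
            alerts.append({"window_start": start, "posts": sum(quiet),
                           "sources": len(quiet)})
    return alerts

def constructed_sample():
    """Constructed log lines: 30 sources x 2 POSTs each, plus unrelated traffic."""
    lines = []
    for i in range(30):
        for j in range(2):
            lines.append(f'203.0.113.{i+1} - - [22/Jul/2014:08:0{j}:{i:02d} +0000] '
                         '"POST /xmlrpc.php HTTP/1.1" 200 370')
    lines.append('198.51.100.7 - - [22/Jul/2014:08:01:00 +0000] "GET /index.php HTTP/1.1" 200 5120')
    lines.append('198.51.100.8 - - [22/Jul/2014:08:02:00 +0000] "POST /wp-login.php HTTP/1.1" 200 2100')
    return lines

if __name__ == "__main__":
    for alert in distributed_alerts(constructed_sample()):
        print(alert)
```

Counting per endpoint rather than per source is what lets the check fire when no individual address looks abusive.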

