[wp-hackers] XML-RPC POST attack

Or Wilder Or at incapsula.com
Mon Jun 1 17:23:44 UTC 2015

I suggest you use an oriented anti DDoS service, such as Incapsula.com, we provide protections from XML-RPC attacks.
It would be much trickier to implement your own protections without stopping or disrupting the service.

-----Original Message-----
From: wp-hackers [mailto:wp-hackers-bounces at lists.automattic.com] On Behalf Of Pavel Hejn
Sent: Monday, June 01, 2015 8:20 PM
To: wp-hackers at lists.automattic.com
Subject: [wp-hackers] XML-RPC POST attack


I found many ideas how to protect website from XML-RPC attacks (POST hits).
They suggest .htaccess protection, using filter, delete file, use special security plugin, ban IP address, etc.
But I want to use this protocol on my website and wanted to ask if there is any way to protect XML-RPC from Ddos attacks directly on server side (Apache)?
I am searching for something which can be usable for many different websites on one server.
I do not want to allow only specific IP address, etc.
Do you have any working solution?

Thank you very much for ideas!

wp-hackers mailing list
wp-hackers at lists.automattic.com

More information about the wp-hackers mailing list