XML-RPC Attacks

Aug 22, 2015

wordpress attacks

As you may be aware, WordPress has XML-RPC enabled by default. The problem with this is that we have seen a massive increase in sites being unable to serve pages because they are being bombarded with XML-RPC requests.

Way back, WordPress had a setting that let you enable or disable XML-RPC, but now this can only be done with .htaccess or a plugin.

You can see what XML-RPC is used for here: http://codex.wordpress.org/XML-RPC_Support

Unfortunately hackers are attempting to get information on sites and gain access via this protocol.
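To check whether a site is receiving this kind of traffic, you can count POST requests to xmlrpc.php per client in the web server access log. The script below is an added example, not part of the original post or our firewall rules; it assumes the Apache "combined" log format, and the sample lines, addresses and threshold are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample lines in Apache "combined" log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [22/Aug/2015:10:00:01 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "ExampleClient/1.0"
203.0.113.7 - - [22/Aug/2015:10:00:01 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "ExampleClient/1.0"
203.0.113.7 - - [22/Aug/2015:10:00:02 +0000] "POST //xmlrpc.php?x=1 HTTP/1.1" 200 370 "-" "ExampleClient/1.0"
198.51.100.4 - - [22/Aug/2015:10:00:03 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "ExampleClient/1.0"
198.51.100.4 - - [22/Aug/2015:10:00:04 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "ExampleClient/1.0"
192.0.2.9 - - [22/Aug/2015:10:00:05 +0000] "GET /xmlrpc.php HTTP/1.1" 405 42 "-" "ExampleClient/1.0"
this line is not a log entry
"""

# client, method, request target, status code
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3}) ')


def xmlrpc_posts_by_client(log_text):
    """Count POST requests to xmlrpc.php per client address."""
    counts = Counter()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed or truncated lines
        client, method, target, _status = m.groups()
        path = target.split("?", 1)[0]
        # Collapse repeated slashes so "//xmlrpc.php" is counted as well.
        path = re.sub(r"/+", "/", path).lower()
        if method == "POST" and path.endswith("/xmlrpc.php"):
            counts[client] += 1
    return counts


def noisy_clients(log_text, threshold):
    """Return (client, count) pairs at or above threshold, busiest first."""
    ranked = xmlrpc_posts_by_client(log_text).most_common()
    return [(ip, n) for ip, n in ranked if n >= threshold]


if __name__ == "__main__":
    # threshold=3 is an arbitrary value chosen for the sample data.
    for ip, n in noisy_clients(SAMPLE_LOG, threshold=3):
        print(f"{ip}\t{n} POSTs to xmlrpc.php")
```

On a real log, read the file contents and pass them in place of `SAMPLE_LOG`, and pick a threshold that suits the site's normal traffic.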

On our premium hosting (all cPanel and Reseller Hosting) we have decided to add rules to our firewalls to stop such traffic. This has significantly reduced outages on certain sites, so we have implemented the rules server-wide across all our cPanel servers.

This is not available on the standard hosting.

What does this mean to you?

Please note that only the sites that were attacked were affected, thanks to the infrastructure we have, so no individual site can bring the server down. This type of attack can bring web hosting to its knees on normal web servers, but we are protected by CloudLinux, so it only affected the targeted sites.

However, it will only be a matter of time before your site cannot be reached due to some form of attack.

How does this affect you?

If you use JetPack you may have issues, as it uses this protocol, but with correctly configured headers the traffic will still pass through. If you need XML-RPC, we can enable it per cPanel account or per domain only, so please get in touch if you need this rule lifted on your services.

Once the rule is lifted, the server will not protect you against such attacks.
