Categories
Security Wordpress

xmlrpc.php

I was seeing lots of Warnings about POST-request to xmlrpc.php in the logfiles of modSecurity for apache.

Turns out that wordpress uses the XML-RPC protocol that was created in 1998, the problem with having this enabled is that it encourages hackers to try and guess your password by making hundreds or thousands of login attempts in one single request.

The fix is easy:

### ASBRA - Block WordPress xmlrpc.php requests
<Files xmlrpc.php>
order deny,allow
deny from all
</Files>
### END ASBRA

By Nimpen J. Nordström

System Developer and Network Security Enthusiast

Leave a Reply

Your email address will not be published. Required fields are marked *