Brutforce

We have moved to a support ticketing system and our forums are now closed.

Open Support Ticket

Author

Posts
January 30, 2019 at 7:33 pm #466257

Ron
Full Member

Post count: 48

I have 2 Websites tha5 keep going down because of xmlrpc bruteforcing:

Urbandinguide.com
Running geotheme

Urbanbarguide.com
Running GeoDirectory

Hosting Company suggested using a security plugin or:

Blocking xmlrpc vs .htaccess is a just a rewrite.

—

ErrorDocument 403 https://localhost
order deny,allow
# You can use allow from rules here for any ips you wish to have access to this
deny from all

—

Easily placed and set.

As long as nothing requires xmlrpc.php for usage.

What are your suggestions on this ?

Sites going down every half hour

January 30, 2019 at 9:15 pm #466271

Alex Rollin
Moderator

Post count: 27815

GD doesn’t use xmlrpc, so, no problem there.

Some members have had success with 3rd party security plugins, but we don’t recommend any of them in particular.

Ones mentioned in the past include

Wordfences
Securi

Or a WP Search https://www.google.com/search?&q=wordpress+best+brute+force+security+xmlrpc

January 30, 2019 at 11:02 pm #466297

Ron
Full Member

Post count: 48

So I can go ahead and block that ?

What is the best practice for that ? Should I do it through a plug-in ?

Thanks

January 30, 2019 at 11:04 pm #466299

Alex Rollin
Moderator

Post count: 27815

GD doesn’t need it, but we don’t have any plugin features for blocking it.

A fullstack developer should be able to help you with that:
https://geodirectoryexperts.com/experts/full-stack/
Author

Posts

Viewing 4 posts - 1 through 4 (of 4 total)

We have moved to a support ticketing system and our forums are now closed.

Open Support Ticket

How to open a new support ticket

Support Policy

Support Forum Search