Knowledgebase

How to prevent wordpress xmlrpc.php attack Print this Article

Xmlrpc is a type of attack in which your site goes down and if you see the error log of nginx
tailf /var/log/nginx/error.log then there will be several xmlrpc request error. here is the fix for this.
Here is the steps i used to fix this issue with Fail2ban.

# apt-get install fail2ban iptables

# cd /etc/fail2ban

# cp jail.conf jail.local

# vim jail.local

Paste and append bellow lines at the end of file

[xmlrpc]
enabled = true
filter = xmlrpc
action = iptables[name=xmlrpc, port=http, protocol=tcp]
logpath = /var/log/nginx/access.log
bantime = 43600
maxretry = 2

Save.Now Create a fail2ban filter for this.

# vim /etc/fail2ban/filter.d/xmlrpc.conf

[Definition]
failregex = ^<HOST> .*POST .*xmlrpc\.php.*
ignoreregex =

Save and exit

# service fail2ban restart

Also Read

how to setup LEMP stack on crazytech vps
If you have opted crazytech india KVM VPS for hosting a high traffic wordpress website then we...

Complete Webserver- Ubuntu 14.04, apache, php-fpm, fail2ban, ufw, mariadb-server
A complete webserver for hosting heavy traffic php based CMS websites like wordpress, drupal etc...

dns server setup with ubuntu 14.04 VPS
We can setup a vps by using bind9 package # apt-get update #apt-get install bind9 # cd...

Use PHP5-FPM with Apache 2 on KVM VPS CentOs 6.8
If we need a high traffic website host on apache due to .htaccess rules ( which is very painfull...

how to use cloudflare SSL with nginx
Using cloudflare for your website gives so many of options and flexibility for your web. Free...

Knowledgebase

How to prevent wordpress xmlrpc.php attack Print this Article

Was this answer helpful?

Also Read