WordPress XML-RPC Brute Force Attacks With Multiple Logins

Recently, my WordPress site was attacked by an XML-RPC brute-force attack. I would like to know how to protect against this kind of attack, or whether there is any patch I can install.

Brute-force attacks are one of the oldest and most common types of attack. In fact, brute-force attacks can target any CMS. XML-RPC is a simple, portable way to make remote procedure calls over HTTP. It can be used with Perl, Java, Python, C, C++, PHP and many other programming languages. WordPress, Drupal and most content management systems support XML-RPC. One of the hidden features of XML-RPC is that you can use the system.multicall method to execute multiple methods inside a single request. So attackers could try thousands of passwords with only 3 or 4 HTTP requests.

You can use the following methods to protect your site.

1. If you have a dedicated server, you can install OSSEC
2. If you don't need XML-RPC, you can block all access to xmlrpc.php
3. If you can’t block XML-RPC, you can block system.multicall requests only
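
Because system.multicall hides many calls inside one POST, per-request rate limits and access logs undercount what is happening, so option 3 has to inspect the request body. The following is an added example, not code from WordPress or OSSEC: a body check a proxy or WSGI filter could apply to requests for xmlrpc.php. The size cap, the batch policy, the `example.auth` method name and the sample bodies are assumptions made for illustration.

```python
import xmlrpc.client

MAX_BODY = 256 * 1024   # assumed size cap for an XML-RPC POST body
MAX_BATCH = 0           # assumed policy: 0 rejects every system.multicall


def classify_xmlrpc(body: bytes, max_batch: int = MAX_BATCH):
    """Return (verdict, calls): verdict is 'allow' or 'block', calls is the
    number of method calls carried by this single HTTP request."""
    if len(body) > MAX_BODY:
        return ("block", 0)
    # XML-RPC needs no DTD; this cheap pre-check refuses entity declarations.
    if b"<!DOCTYPE" in body or b"<!ENTITY" in body:
        return ("block", 0)
    try:
        params, method = xmlrpc.client.loads(body)
    except Exception:
        return ("block", 0)          # fail closed on anything unparsable
    if method is None:               # a response document, not a call
        return ("block", 0)
    if method != "system.multicall":
        return ("allow", 1)
    # multicall takes one parameter: an array of {methodName, params} structs
    batch = params[0] if params and isinstance(params[0], list) else []
    calls = len(batch)
    return ("allow" if 0 < calls <= max_batch else "block", calls)


def build_sample(n: int) -> bytes:
    """Constructed test input: one request wrapping n calls to a
    hypothetical method, with placeholder arguments."""
    calls = [{"methodName": "example.auth",
              "params": ["demo-user", f"placeholder-{i}"]} for i in range(n)]
    return xmlrpc.client.dumps((calls,), "system.multicall").encode()


if __name__ == "__main__":
    single = xmlrpc.client.dumps(("demo-user", "placeholder"),
                                 "example.auth").encode()
    for name, body in [("single call", single),
                       ("multicall x200", build_sample(200))]:
        print(name, classify_xmlrpc(body))
```

Logging the returned call count alongside the client address gives a truer attempt rate than counting HTTP requests.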
