Diadem Technologies

toggle

Knowledgebase

...

...

Plesk Custom File Extension Support

Install Redis on Plesk Server

Plesk Subscription-level daily schedule backup

Block xmlrpc.php brute force request in Wordpress ...

Imunify360 setup and configuration

Plesk compatibility mode for legacy option

How to View the Plesk Website Statistics and Disk ...

Search email for each domain with Plesk maillog ut...

Setting up scheduled Plesk Backups through Backup ...

How To manage files with Plesk File Manager

How to Unban IP blocked IP from Plesk

Create additional FTP account in Plesk

How To Change PHP Settings or Parameter Manually F...

How to set PHP Timezone for a Website in Plesk

Whitelist, Blacklist Email IDs and Bounce options ...

How to change Plesk Panel User Password

How to change PHP version from Plesk panel

How to add a Domain in your Subscription

How to reset email address password from plesk pan...

Install Free Lets Encrypt SSL certificate for your...

Setting Permissions on Web directories and files i...

How to install Wordpress through Plesk

How to download website backup using plesk control...

Backup and restore MySQL database with Plesk

All In One WP Security & Firewall

...

Block xmlrpc.php brute force request in Wordpress site

Article ID: 1496

Last updated: 23 Apr, 2022

Block xmlrpc.php brute force request in Wordpress websites

Wordpress websites have xmlrpc requests disabled by default but some sites have it enabled and is being brute forced by hackers. This leads to increased CPU consumption on the server.

To check brute force requests on the server

To check and disable bruteforce attacks on WP sites, check the server status with htop and observe which sites are continuously coming up on the htop results.

Then investigate the access log for the site to confirm if xmlrpc.php is being requested on the site continuously

# cd /var/www/vhosts/system/uniseven.in/statistics/logs

# ll -tal

Check the log

# tail -f proxy_access_log

Here, we can see that multiple times trying to hit the xmlrpc.php for the domain uniseven.in with the same ip.

Open the (.)htaccess file add the below lines for the domain under the folder on which WP is installed

# vi /var/www/vhosts/alom.in/httpdocs/(.)htaccess

# Block WordPress xmlrpc.php requests
<Files xmlrpc.php>
order deny,allow
deny from all
</Files>

Save the file and then check the logs and also the htop status

Reference KB URL: https://blogvault.net/wordpress-disable-xmlrpc/

This article was:

Report an issue

Article ID: 1496

Last updated: 23 Apr, 2022

Revision: 5

Views: 456

Comments: 0

Tags

wordpress xmlrpc block xmlrpc wordpress

« Plesk Subscription-level daily schedule backup

Imunify360 setup and configuration »

Powered by KBPublisher (Knowledge base software)