Brute force attack xmlrpc.php

Fred

Verified User
Joined
Dec 22, 2018
Messages
29
Hi all.

I keep seeing an attack in my Brute Force log trying to get into xmlrpc.php. Ive tried to add some code to .htaccess (below) files but the attacks continue.

Also, I can't tell which domain is trying to be accessed, the URL in the Brute force log is not show.

Any suggestions are appreciated.

Code:
<files xmlrpc.php>
Order allow,deny
Deny from all
</files>
 
Last edited:
Hello,

To make it global add into Apache's templates which are managed by Directadmin.

And even if you add it, you will still see attempts in Apache logs and on Apache status page.

Note depending on your setup a Deny Error HTTP/403 produced by your PHP application might still use PHP+MySQL to generate. To avoid it would add:

Code:
ErrorDocument 403 "Sorry, you are not allowed to view this page!"

within the <FILES...></FILES> block.
 
Back
Top