Page 3 of 3 FirstFirst 123
Results 41 to 47 of 47

Thread: Forbid serverwide access to xmlrpc.php

  1. #41
    Join Date
    Jul 2008
    Location
    Maastricht
    Posts
    3,828
    @Alex: Thank you for the better code and the confirmation.

    @John: Thank you for the fix.
    Greetings, Richard.

  2. #42
    Join Date
    Mar 2013
    Posts
    195
    the bug for pre file is fixed in 1.56.4

    No what is the best solution? detailed please!
    ShivaHost.com
    Official DirectAdmin WebHosting accepting PayPal , BitCoin , Ripple , WebMoney and PerfectMoney

  3. #43
    Join Date
    Jul 2008
    Location
    Maastricht
    Posts
    3,828
    IMHO best solution for a server wide block without exceptions is the one which zEitEr gave in post #39.
    Reason: This prevents the possibility for a user bypassing the block by accident by using a <Files *> deny,allow in a .htaccess file.
    Greetings, Richard.

  4. #44
    Join Date
    Jul 2005
    Posts
    177
    Quote Originally Posted by zEitEr View Post
    This should work in *.4.post:

    Code:
            <Location ~ "/xmlrpc.php">
                    Order allow,deny
                    Deny from all
                    ErrorDocument 403 "Sorry, you are not allowed to view this page!"
            </Location>

    p.s. Confirmed: *.pre templates does not work on my end too, both for Nginx and Apache.
    Hi guys , can i just get some extra info regarding this, Where exactly does the above info go , add does the user configs need to be rewritten or apache reinstalled etc etc

    TY

  5. #45
    Join Date
    Jul 2008
    Location
    Maastricht
    Posts
    3,828
    It's mentioned here:
    https://www.directadmin.com/features.php?id=2158

    Next to that it's also explained on the previous page, specially in post #27 on how to do this.

    The only thing after creation of the files is to use the ./build rewrite_confs command from the custombuild directory.
    Greetings, Richard.

  6. #46
    Join Date
    May 2019
    Posts
    2
    I have seen examples for implementing this on Apache/Nginx servers here: https://help.poralix.com/articles/ho...on-directadmin.
    But, is this achievable on OpenLiteSpeed through the usage of custom templates? How should we proceed in order to accomplish it? Any clue will be wellcome. Thanks in advance.

  7. #47
    Join Date
    Jun 2008
    Posts
    6
    Quote Originally Posted by zEitEr View Post
    Hello,

    We use this:

    Code:
            <Files xmlrpc.php>
                Order allow,deny
                Deny from all
                ErrorDocument 403 "Sorry, you are not allowed to view this page!"
            </Files>
    it gives no page hit.
    It works perfectly on my server. Thanks Alex!

Page 3 of 3 FirstFirst 123

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •