Defending against WordPress xmlrpc attacks

InMotionFans

10 years ago
Answered

Hi I have my own sites as well as a lot of my clients' sites on inMotion and I'd like your opinion. I have seen .htaccess rules protecting against xmlrpc attacks using... Redirect 301 /xmlrpc.php http://127.0.0.1 This reflects attacks back to the offender. I've also seen... Order allow,deny Deny from all Which will just plain deny access to the file. Does inMotion have a preference? Is one easier on cpu bandwidth than the other? Thanks!

Replies 2

Newest first
Newest first Oldest first

anonymous

10 years ago

Hello Kdawes01, Using the .htaccess block would help lower the accounts resource usage. There are other things you can do as well. I would recommend your client to send an email to our support team and ask for an account review. Kindest Regards, TJ Edens

Reply Link

JeffMa

The solution is entirely up to you but in most cases. Personally, I recommend denying access to the file completely instead of the redirect but either way will be perfectly fine.