• Dear Pleskians! The Plesk Forum will be undergoing scheduled maintenance on Monday, 7th of July, at 9:00 AM UTC. The expected maintenance window is 2 hours.
    Thank you in advance for your patience and understanding on the matter.

Question Xmlrpc attack problem

I can confirm that the Wordpress app will cause users to be blocked by Fail2Ban. That is mainly for the very high frequency that this app connects to the site and transmits more or less "empty" POSTs to it or repeatedly requests the same files from the Wordpress installation. It is more an issue of the app than an issue of the jail. The app has no reason to continuously communicate with the server and creates a lot of unnecessary load. It's been that way for years.

To disable xmlrpc.php for good in Wordpress, insert these lines into the .htaccess file in the Wordpress directory:
<Files xmlrpc.php>
order deny,allow
deny from all
</Files>

Also, look at the "Security" button of the Wordpress Toolkit in Plesk. You can also disable XMLRPC in there.
 
Hello

As @Peter Debik correctly explains, you can control this with .htaccess (deny/allow all or deny/allow only for ips).
If you don't want to do it manually or want a more general blocking per country, you can use our plugin: Deny-country Extension, it also allows limiting the attack on wp- login.php (something common Unfortunately, in our case for example, it's easy to limit access to spain the wp-login and unlock it for client that need access to other countries)
 
Back
Top