XMLRPC or WP-Login Brute Force Login Attempt
-
Hello all,
a few days ago I commented on a post about the increase in the use of CPU resources, not entirely justified.
Digging a little deeper, I noticed that there are bots that try to access Wordpress's xmlrpc.php, with a frequency of about 3 attempts per second.
I would like to ask you in your opinion what is the best strategy to block these repeated login attempts. In this case, blocking IP is not the best solution, because I saw they rotate IP addresses.
Also, strategy have to be managed centrally (and not on specific Wordpress install) because there are many active Wordpress instances.
For example, could act on "rate limits", described here, reducing this value "HTTP and HTTPS requests - 5000 requests per second per IP" to 2 request per second per IP?
Thank's a lot
-
Hello all,
a few days ago I commented on a post about the increase in the use of CPU resources, not entirely justified.
Digging a little deeper, I noticed that there are bots that try to access Wordpress's xmlrpc.php, with a frequency of about 3 attempts per second.
I would like to ask you in your opinion what is the best strategy to block these repeated login attempts. In this case, blocking IP is not the best solution, because I saw they rotate IP addresses.
Also, strategy have to be managed centrally (and not on specific Wordpress install) because there are many active Wordpress instances.
For example, could act on "rate limits", described here, reducing this value "HTTP and HTTPS requests - 5000 requests per second per IP" to 2 request per second per IP?
Thank's a lot
@p44 said in XMLRPC or WP-Login Brute Force Login Attempt:
I would like to ask you in your opinion what is the best strategy to block these repeated login attempts.
Wordfence.
IMHO every single WordPress site should have Wordfence installed immediately.
Some interesting reading here
https://www.wordfence.com/blog/2017/01/xmlrpc-wp-login-brute-force/
-
@p44 said in XMLRPC or WP-Login Brute Force Login Attempt:
I would like to ask you in your opinion what is the best strategy to block these repeated login attempts.
Wordfence.
IMHO every single WordPress site should have Wordfence installed immediately.
Some interesting reading here
https://www.wordfence.com/blog/2017/01/xmlrpc-wp-login-brute-force/
@jdaviescoates Thank's a lot for suggestion
.It seems that is not really really cheap...
What do you think about this: hidemywpghost, suggested by @marcusquinn in this post?
-
@jdaviescoates Thank's a lot for suggestion
.It seems that is not really really cheap...
What do you think about this: hidemywpghost, suggested by @marcusquinn in this post?
@p44 Try this for free: https://wordpress.org/plugins/gotmls/
-
@p44 Try this for free: https://wordpress.org/plugins/gotmls/
Thank's a lot @marcusquinn I'll go to look this solution, even if I would like to explore what I can do centrally on Cloudron (Eg. act on "rate limits", or other possible solutions).
Thank's again
-
@jdaviescoates Thank's a lot for suggestion
.It seems that is not really really cheap...
What do you think about this: hidemywpghost, suggested by @marcusquinn in this post?
@p44 said in XMLRPC or WP-Login Brute Force Login Attempt:
@jdaviescoates Thank's a lot for suggestion
.It seems that is not really really cheap...
The free version of Wordfence is more than enough for most sites, I definitely can recommend Wordfence, itβs always on every website I create.
-
@p44 said in XMLRPC or WP-Login Brute Force Login Attempt:
@jdaviescoates Thank's a lot for suggestion
.It seems that is not really really cheap...
The free version of Wordfence is more than enough for most sites, I definitely can recommend Wordfence, itβs always on every website I create.
-
@jdaviescoates Thank's a lot for suggestion
.It seems that is not really really cheap...
What do you think about this: hidemywpghost, suggested by @marcusquinn in this post?
@p44 said in XMLRPC or WP-Login Brute Force Login Attempt:
It seems that is not really really cheap...
Um, it's free (well, the free version is - which is perfectly sufficient for most people's need. I've never paid a penny)
-
@p44 said in XMLRPC or WP-Login Brute Force Login Attempt:
It seems that is not really really cheap...
Um, it's free (well, the free version is - which is perfectly sufficient for most people's need. I've never paid a penny)
@jdaviescoates Thank's. What about CPU usage and memory use of Wordfence?
-
@jdaviescoates Thank's. What about CPU usage and memory use of Wordfence?
@p44 no idea
