.htaccess fix for a xmlrpc.php DDOS attack

We've seen that due to old WordPress versions on websites and sometimes due to DDOS attacks on xmlrpc.php, the website and server may become unstable and the traffic to the website may increase as well.

To fix this issue we have a solution which will nullify and completely remove such a DDOS attack.

Method 1: Redirect the attack to a bogus IP so that the request becomes null. Set this redirect in the .htaccess file and that's all :-

RewriteRule ^xmlrpc\.php$ “http\:\/\/0\.0\.0\.0\/” [R=301,L]

Method 2: Disable the access for xmlrpc.php using the .htaccess file with the Allow and Deny rules as below :-

<Files xmlrpc.php>
Order allow,deny
Deny from all
</Files>

Both of the above methods are very effective and will surely work in this situation. That's all!

Sachin Sunday 09 March 2014 - 07:46 am | | Default
Used tags: , , , , , , , ,

One comment

One or more comments are waiting for approval by an editor.

(optional field)
(optional field)

Comment moderation is enabled on this site. This means that your comment will not be visible until it has been approved by an editor.

Remember personal info?
Small print: All html tags except <b> and <i> will be removed from your comment. You can make links by just typing the url or mail-address.
« mount error(12): Cann… | Home | How to install and us… »