There have been a number of recent posts indicating that brute force attacks against WordPress sites are on the rise and are abusing a feature of the XML-RPC service, the system.multicall method.
That feature lets an attacker pack hundreds or even thousands of username/password guesses into a single request, which defeats web server rate limits that count requests rather than login attempts.
More information can be seen in these posts:
http://www.theregister.co.uk/2015/10...c_brute_force/
https://blog.sucuri.net/2015/10/brut...ss-xmlrpc.html
https://blog.cloudflare.com/a-look-a...cation-attack/
The usual recommendation is that sites which do not need the XML-RPC service simply disable it. This used to be an option in the WordPress dashboard, but the setting was removed in version 3.5, and XML-RPC has been enabled by default from 3.5 onward...
NOTE: Some plugins and clients require the XML-RPC service, such as Jetpack and the WordPress mobile apps...
Some suggestions for disabling can be found here:
http://www.wpbeginner.com/plugins/ho...-in-wordpress/
http://www.blogaid.net/disable-xml-r...t-ddos-attack/
There are also plug-ins for this purpose:
https://wordpress.org/plugins/search...isable+XML-RPC
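For those who prefer not to install another plugin, the same two options can be set in a small must-use plugin dropped into wp-content/mu-plugins/. The following is an added example written for this post, not code from WordPress, Jetpack or any of the linked articles; the file name and the EXAMPLE_DISABLE_XMLRPC_ENTIRELY constant are our own choices. It uses two filters that WordPress core does provide: xmlrpc_enabled (checked before any authenticated XML-RPC call) and xmlrpc_methods (the table of methods the XML-RPC server will answer).

```php
<?php
/*
Plugin Name: Limit XML-RPC (example mu-plugin)
Description: Either disable authenticated XML-RPC entirely, or keep XML-RPC
             for Jetpack / mobile apps but remove system.multicall so one
             request can no longer carry hundreds of login attempts.
*/

// Hypothetical switch for this example:
//   true  - nothing on the site needs XML-RPC (no Jetpack, no mobile apps).
//   false - keep XML-RPC but strip the multicall method.
define( 'EXAMPLE_DISABLE_XMLRPC_ENTIRELY', false );

if ( EXAMPLE_DISABLE_XMLRPC_ENTIRELY ) {
    // Option 1: refuse every XML-RPC call that needs a login. WordPress
    // returns fault 405 "XML-RPC services are disabled on this site."
    // Unauthenticated methods such as pingback.ping are NOT affected by
    // this filter; block xmlrpc.php at the web server if you need that too.
    add_filter( 'xmlrpc_enabled', '__return_false' );
} else {
    // Option 2: keep XML-RPC working for plugins that need it, but remove
    // system.multicall, the method that lets a single POST bundle many
    // wp.getUsersBlogs calls, each with a different username/password.
    add_filter( 'xmlrpc_methods', function ( $methods ) {
        unset( $methods['system.multicall'] );
        return $methods;
    } );
}
```

After installing, confirm the behaviour by POSTing a system.listMethods request to /xmlrpc.php: with option 2, system.multicall should no longer appear in the returned list. Note that either option still lets the request reach PHP, so each guess still costs your site a login check; web server rate limiting on xmlrpc.php and wp-login.php remains worthwhile alongside this.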
As always, FutureQuest encourages anyone running scripts such as WordPress to keep them on the most up to date version and to install any released patches, to reduce the chance of a compromise of your site. This includes any plugins, add-ons and themes...
Additionally, very strong, unique passwords are the number one preventative; a brute force attack only succeeds when a password can be guessed. There are many sites that provide strong password generators, such as:
https://identitysafe.norton.com/password-generator/
Our own Bruce also has one on his personal site:
https://xuntroubled.merchantquest.net/pwgen/pwgen.cgi
It is always best to subscribe to any Security or Update mailing list provided by the authors of the script(s) you are running.
The FutureQuest Team
