Viewing 8 replies - 1 through 8 (of 8 total)
  • Andrew Nevins

    (@anevins)

    WCLDN 2018 Contributor | Volunteer support

    Have you talked to your hosting providers about this?

    Thread Starter pasqualerose

    (@pasqualerose)

    Thanks for the quick response. My hosting provider is the ones who first told me about the attack. They actually took the site off line for a few hours.

    Justin Greer

    (@justingreerbbi)

    You could turn off Pingbacks and Trackbacks in your settings but not to sure if this a solution. Not to sure how the site directed you there either. I am looking into the legitimacy of the claim for preventing attacks.

    Thread Starter pasqualerose

    (@pasqualerose)

    Okay. I’ll turn off Pingbacks and Trackbacks. Let me know what you find out.

    Thanks!

    Pat

    Justin Greer

    (@justingreerbbi)

    In the article:

    PS. If you don’t understand why this article figures in your pingback list, while your link isn’t in here : it’s because your blog has been abused to try and DDOS this blog

    The solution is not legit (at least for any recent version of WP). The xmlrpc class does check to make sure the pingback IP exists and is safe now.

    Line 5776  /includes/class-wp-xmlrpc-server.php

    What version of WP are you using? Ensure you are using the latest WordPress version.

    The DDoS is not directed to you but rather use your WordPress site as a relay to DDoS the blog you references. The article is about his blog being attacked and how to help people prevent them from DDoS his site. He must of made someone really mad ??

    Thread Starter pasqualerose

    (@pasqualerose)

    I’m using the latest version of WP (4.1.1)

    So what you’re saying is this guy is getting attacked and my blog is being used and it is just coincidental that my blog underwent a DDoS attack in February?

    Correct?

    Thanks,

    Pat

    Justin Greer

    (@justingreerbbi)

    Yes, in a nut shell, that is what I am getting at. Although the DDoS is not targeted toward you specifically, your servers will pick it up as one (and it does act just like one as well).

    If your host caught the traffic, you can get what method was being used and investigate it in more depth.

    Thread Starter pasqualerose

    (@pasqualerose)

    Great Thanks for looking into this! I appreciate it.

    Pat

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘DDoS and WordPress’ is closed to new replies.