John.Coleman

Forum Replies Created

Viewing 3 replies - 1 through 3 (of 3 total)

  • exactly my question too – has anyone got an answer?

    Thread Starter John.Coleman

    (@johncoleman-1)

    My solution requires adding rules to a .htaccess file in your WordPress site’s root to deny access to all but specified IP addresses – which might not suit you if you do not have a static IP address. You might try the WordPress plugin Stop XML-RPC Attack or Disable XML-RPC Pingback but I have not used either.

    Good luck.
    John ??

    Thread Starter John.Coleman

    (@johncoleman-1)

    Hi girlieworks
    that’s brilliant, thanks a whole lot.

    I tried

    <Files xmlrpc.php>
order deny,allow
deny from all
allow from my.own.static.IP
</Files>

    and the Wrong Password events went away immediately I think. Witness today’s result of my GROUP BY query on the Activity Log table:

    date		wrong password count
2016-08-08	2
2016-08-11	2
2016-08-17	1
2016-08-18	1
2016-08-19	2
2016-08-22	792
2016-08-23	1404

    There is no row for today because no Wrong Passwords have been detected.

    Interestingly, since I removed the xmlrpc.php deny from all rule to see what would happen the Wrong Passwords have not returned. Maybe the Brute Force attacker gave up and moved on ?

    But I will know what to do if they return.

    Thanks to you.
    John

    ??

Viewing 3 replies - 1 through 3 (of 3 total)