Wordpress xml-rpc ddos时的Whm设置
[英]Whm settings in case of wordpress xml-rpc ddos
问题描述
I have a server with whm/cpanel where I host several WordPress websites. 
我有一台带有whm / cpanel的服务器,在其中托管了多个WordPress网站。 Recently one of the websites was under a ddos atack on xml-rpc ( xml-rpc.php is a WordPress file). 最近,其中一个网站位于xml-rpc上的ddos xml-rpc.php ( xml-rpc.php是WordPress文件)。 Here is the line from tail -f on access logs 这是访问日志中来自tail -f的行
******.58 - - [08/Oct/2015:12:32:34 +0200] "`POST /xmlrpc.php` HTTP/1.0" 403 - "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)"
For the moment, I renamed that file and blocked the IP (and install a plugin on all wp sites that disabled xml-rpc), but I was wondering if is something I can do server wide? 目前,我重命名了该文件并阻止了IP(并在所有禁用xml-rpc的wp站点上安装了一个插件),但是我想知道是否可以在服务器范围内执行某些操作?
Thanks! 谢谢!
1 个解决方案
解决方案1
0 已采纳 2015-10-08 13:04:27
To disable xmlrpc.php file server wide you need to update your pre-VirtualHost Include file with the following code. 要在整个服务器范围内禁用xmlrpc.php文件,您需要使用以下代码更新VirtualHost之前的Include文件。 You can update this file through WHM 您可以通过WHM更新此文件
<Files xmlrpc.php>
Order Deny,Allow
Deny from all
</Files>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.