MicrostockGroup
Microstock Photography Forum - General => Symbiostock => Symbiostock - General => Topic started by: Leo Blanchette on September 05, 2013, 19:27
-
My Website Under a xmlrpc.php Attack! (http://www.youtube.com/watch?v=BnoonSK1hHQ#)
Boy, I sure hope I'm winning.
More on this: http://perishablepress.com/wordpress-xmlrpc-pingback-vulnerability/ (http://perishablepress.com/wordpress-xmlrpc-pingback-vulnerability/)
-
And here it is again, with Bad Behavior plugin turned back on :D
Symbiostock Site Under xmlrpc attack with "Bad Behavior Plugin" Installed (http://www.youtube.com/watch?v=nQe_yywdsqw#)
Notice how much the system resources were freed up. These attacks are pretty horrific! The spammers are still trying, but now getting a 403 and wasting their resources.
-
Do we need to do anything? Or is your post just FYI?
-
To be honest: I don't really understand what I'm seeing here, but it looks alarming. Really hope you can manage to get rid of this, Leo.
Is there anything we can do to protect our sites?
-
And here it is again, with Bad Behavior plugin turned back on :D
Symbiostock Site Under xmlrpc attack with "Bad Behavior Plugin" Installed ([url]http://www.youtube.com/watch?v=nQe_yywdsqw#[/url])
Notice how much the system resources were freed up. These attacks are pretty horrific! The spammers are still trying, but now getting a 403 and wasting their resources.
Leo,
Should we install bad behaviour?
I remember you saying it has special settings, any chance of giving some guidance on the settings at all please
Thanks
Mark
-
I turned off bad behaviour as it prevented pp payments.
I notice that wordfence is currently throttling a user though (again) as they are exceeding the maximum global requests permitted -would this be a similar thing?
-
The link at the bottom of leo's first post explains the problem and gives you code to add to the bottom of your htaccess file (in root folder).
-
The link at the bottom of leo's first post explains the problem and gives you code to add to the bottom of your htaccess file (in root folder).
Or
the link at the bottom of Leo's post gave an explanation if you understand it. I don't have a clue what it means or which code is applicable and so it is probably safer not to touch anything ?
-
The link at the bottom of leo's first post explains the problem and gives you code to add to the bottom of your htaccess file (in root folder).
Or
the link at the bottom of Leo's post gave an explanation if you understand it. I don't have a clue what it means or which code is applicable and so it is probably safer not to touch anything ?
Totally Agree.
Far too often these discussions are way above my head.
Steve
-
The xml-rpc.php file is in your wp folder. It allows a way to post using blogger and pingbacks. Hackers are using it to invade wp sites. This is a very simple explanation, you could google for more details. If you add the code shown in the article, listed under alternate .htaccess method, to your root .htaccess file, you can prevent the hacking.
Most of this stuff is over my head too, but to me, this one seemed pretty easy to implement.
-
Wow, I really scared a few people! Got a few personal messages on it. :D
Don't worry - my servers been up a few years! I'm sure shared hosting watches stuff like that. Its just funny to witness the hacking in the cyber-space-invaders classic arcade setting.
I'd say don't worry about it yet.
-
Is there any harm in adding that code to the htaccess file? I am not as confident in shared hosting as i used to be. ;D
-
The xml-rpc.php file is in your wp folder. It allows a way to post using blogger and pingbacks. Hackers are using it to invade wp sites. This is a very simple explanation, you could google for more details. If you add the code shown in the article, listed under alternate .htaccess method, to your root .htaccess file, you can prevent the hacking.
Most of this stuff is over my head too, but to me, this one seemed pretty easy to implement.
No offense but it isn't for those of us who aren't really into code.
And just a personal observation - it seems just about everybody who has or is having major issues is messing with code.
My site is working and I'm gonna leave it alone.
steve
-
The xml-rpc.php file is in your wp folder. It allows a way to post using blogger and pingbacks. Hackers are using it to invade wp sites. This is a very simple explanation, you could google for more details. If you add the code shown in the article, listed under alternate .htaccess method, to your root .htaccess file, you can prevent the hacking.
Most of this stuff is over my head too, but to me, this one seemed pretty easy to implement.
No offense but it isn't for those of us who aren't really into code.
And just a personal observation - it seems just about everybody who has or is having major issues is messing with code.
My site is working and I'm gonna leave it alone.
steve
He's right. I probably have the worst issues of all of us, and I mess with the code every day. There's definitely a pattern there :D
-
+1
As they say, if it works, don't touch it.
The big dilemma is, that sometimes it doesn't work.
-
And when it doesnt work, it gonna be too late to go messing around with the code. :)
-
Is there any harm in adding that code to the htaccess file? I am not as confident in shared hosting as i used to be. ;D
Don't mess with the .htaccess file! Even if your site appears to be running you can easily run up a 1-gig sized error file as it serves pages on errors for a month straight.
You'll know when your getting targeted! Hosts often babysit shared environments and when your no longer a baby they will ask you politely to scale up, lock down, or leave. They leave dedicated servers alone to the wolves :D
I have a A LOT to catch up on, but I think I need to make a good security tutorial that people can "set it and forget it". I just have to add it to my never-ending b----list
-
I kinda equate fiddling with the code to
Messin' with Sasquatch
http://youtu.be/G6X8rjRIQkI (http://youtu.be/G6X8rjRIQkI)