Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • October 31, 2015 at 12:50 pm #527893
    goldbaum

    Hi,
    I read that brute force attacks are used on xmlrpc.php to discover the login passwords.

    I would have to change the .htaccess file with the following code:
    <FilesMatch “xmlrpc\.php$”>
    order deny,allow
    deny from all
    </FilesMatch>

    I am not sure if this works for the enfold theme as well?

    Can you help me on this one?

    October 31, 2015 at 1:27 pm #527900
    Adrizz

    Hi

    First step: you must locate the IP that is attacking and blocking it, you can use several plugins but I recommend this: WWA WordPress Security Guide on the live traffic you can see the IP that access, block it with your hosting or .htaccess, if there are many IP you can lock the range or even another country if block all IP range.

    Regards

    November 2, 2015 at 8:32 am #528292
    Rikard

    Hi @goldbaum, did you try @Adrizz suggestion and did you have any luck with it?

    Best regards,
    Rikard

    November 2, 2015 at 9:44 am #528314
    goldbaum

    Yes, thanks!

    November 3, 2015 at 4:53 am #528969
    Rikard

    Hi,

    Great, glad you got it fixed :-)

    Regards,
    Rikard

  • Author
    Posts
Viewing 5 posts - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.