Website host blocking my IP address due to excessive xmlrpc requests

  1. wordpress_dude
    Member
    Sep 23, 2020, 4:48 PM

    My web host is blocking my IP address whenever I use the WordPress app. This is their reason:

    "The reason it gets blocked is because the WordPress app uses the xmlrpc.php file for the API, and makes many requests to that file, which leads to the IP being blocked mistakenly - as our system flags it as a brute-force attack.

    This is a security precaution we have implemented to prevent abuse of the xmlrpc.php pingback which can lead to DoS attacks."

    How do I resolve this issue? I tried renaming the xmlrpc file, but it doesn't work. I think this article is outdated:

    https://apps.wordpress.com/support/#faq-ios-12
    https://wordpress.org/plugins/rename-xml-rpc/

  2. Hi there!

    Thanks for reaching out.

    One option you could have is to install the Jetpack plugin to connect your site to the app. Then you can whitelist the IPs for Jetpack so that these don't trigger the security precaution.

    You'll get the IP addresses to whitelist from here:
    https://jetpack.com/support/hosting-faq/

    Alternatively, could you ask your host to remove the block and use other ways to mitigate XML-RPC attacks?

    They should be able to protect your site's XML-RPC file without having to whitelist specific IP ranges. Most hosts use tools like fail2ban or ModSecurity.

    On your side of things, you can use plugins like this one to disable access to one of the methods used by hackers:

    https://wordpress.org/plugins/disable-xml-rpc-pingback/

    You can also use web application firewalls like Sucuri or Cloudflare to block hackers before they even reach your site.

    Finally, Jetpack itself includes a feature that will help against brute force attacks.
     
    I hope that helps!
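
As an added example (not from either post, the host, or Jetpack), this Python code shows one alternative to blocking on raw xmlrpc.php request volume: flag the pingback method and count only failed logins per IP, so an app making many valid calls is not banned. The event tuples, the threshold, and the sample traffic are constructed assumptions, and it assumes the filter can see XML-RPC request and response bodies.

```python
import xml.etree.ElementTree as ET
from collections import Counter
DENIED_METHODS = {"pingback.ping"}  # the pingback call the host's note refers to
MAX_FAILED_LOGINS = 3               # assumed per-IP threshold for one time window
AUTH_FAULT = 403                    # faultCode WordPress returns for a bad login

def parse(xml_bytes):
    """Parse XML-RPC; refuse DTDs so entity expansion never reaches the parser."""
    if b"<!DOCTYPE" in xml_bytes or b"<!ENTITY" in xml_bytes:
        return None
    try:
        return ET.fromstring(xml_bytes)
    except ET.ParseError:
        return None

def method_name(request_body):
    root = parse(request_body)
    if root is None or root.tag != "methodCall":
        return None
    return (root.findtext("methodName") or "").strip() or None

def fault_code(response_body):
    root = parse(response_body)
    for member in ([] if root is None else root.iterfind("./fault/value/struct/member")):
        value = member.find("value")
        if member.findtext("name") == "faultCode" and value is not None:
            text = "".join(value.itertext()).strip()
            return int(text) if text.isdigit() else None
    return None

def evaluate(events):
    """events: (ip, request_body, response_body) -> (flagged_calls, banned_ips)."""
    failures, flagged = Counter(), []
    for ip, request, response in events:
        name = method_name(request)
        if name is None or name in DENIED_METHODS:
            flagged.append((ip, name))   # malformed body or denied method
        elif fault_code(response) == AUTH_FAULT:
            failures[ip] += 1            # only failed logins count toward a ban
    return flagged, sorted(ip for ip, n in failures.items() if n >= MAX_FAILED_LOGINS)

def call(method):  # constructed sample request, not real traffic
    return f"<methodCall><methodName>{method}</methodName></methodCall>".encode()
OK = b"<methodResponse><params/></methodResponse>"
BAD = (b"<methodResponse><fault><value><struct><member><name>faultCode</name>"
       b"<value><int>403</int></value></member></struct></value></fault></methodResponse>")
SAMPLE = ([("203.0.113.10", call("wp.getPosts"), OK)] * 40         # app: many valid calls
          + [("198.51.100.7", call("wp.getUsersBlogs"), BAD)] * 5  # repeated bad logins
          + [("192.0.2.44", call("pingback.ping"), OK)])           # pingback attempt
```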
