wordpress博客防止xmlrpc.php暴力破解

早上收到服务器报警,资源消耗过高,看流量消耗并不高,查询访问日志,有人短时间发送大量POST请求到博客xmlrpc.php接口,造成CPU消耗过高。

看IP是个老外,没法管啊。。

防范策略:

 

1、修改xmlrpc.php路径,防止暴力破解。

2、配置apache rewrite规则,禁止访问xmlrpc.php

 

<FilesMatch “^xmlrpc\.php$”>
    order deny,allow
    deny from all
</FilesMatch>

 

主要是博客用live writer来写,需要用到这个接口,不用的可以直接删除或者在后台禁用xmlrpc远程写博客的功能。

 

173.245.56.89 – – [14/Oct/2015:02:00:53 +0800] “POST /xmlrpc.php HTTP/1.1″ 200
141.101.104.85 – – [14/Oct/2015:02:11:06 +0800] “POST /xmlrpc.php HTTP/1.1″ 200
141.101.104.85 – – [14/Oct/2015:02:21:32 +0800] “POST /xmlrpc.php HTTP/1.1″ 200
173.245.54.67 – – [14/Oct/2015:04:38:12 +0800] “GET /xmlrpc.php HTTP/1.1″ 405 6
162.158.176.95 – – [14/Oct/2015:05:01:33 +0800] “POST /xmlrpc.php HTTP/1.1″ 200
162.158.176.95 – – [14/Oct/2015:05:01:34 +0800] “POST /xmlrpc.php HTTP/1.1″ 200
162.158.176.95 – – [14/Oct/2015:05:01:37 +0800] “POST /xmlrpc.php HTTP/1.1″ 200
162.158.176.95 – – [14/Oct/2015:05:01:40 +0800] “POST /xmlrpc.php HTTP/1.1″ 200
162.158.176.95 – – [14/Oct/2015:05:01:41 +0800] “POST /xmlrpc.php HTTP/1.1″ 200
162.158.176.95 – – [14/Oct/2015:05:01:41 +0800] “POST /xmlrpc.php HTTP/1.1″ 200
162.158.176.95 – – [14/Oct/2015:05:01:44 +0800] “POST /xmlrpc.php HTTP/1.1″ 200
162.158.176.95 – – [14/Oct/2015:05:01:44 +0800] “POST /xmlrpc.php HTTP/1.1″ 200
162.158.176.95 – – [14/Oct/2015:05:01:46 +0800] “POST /xmlrpc.php HTTP/1.1″ 200
162.158.176.95 – – [14/Oct/2015:05:01:50 +0800] “POST /xmlrpc.php HTTP/1.1″ 200
162.158.176.95 – – [14/Oct/2015:05:01:50 +0800] “POST /xmlrpc.php HTTP/1.1″ 200
162.158.176.95 – – [14/Oct/2015:05:01:54 +0800] “POST /xmlrpc.php HTTP/1.1″ 200
162.158.176.95 – – [14/Oct/2015:05:01:53 +0800] “POST /xmlrpc.php HTTP/1.1″ 200
162.158.176.95 – – [14/Oct/2015:05:01:58 +0800] “POST /xmlrpc.php HTTP/1.1″ 200
162.158.176.95 – – [14/Oct/2015:05:01:58 +0800] “POST /xmlrpc.php HTTP/1.1″ 200
162.158.176.95 – – [14/Oct/2015:05:02:02 +0800] “POST /xmlrpc.php HTTP/1.1″ 200

 

image

About 智足者富

http://chenpeng.info

发表评论

电子邮件地址不会被公开。 必填项已用*标注

您可以使用这些HTML标签和属性:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>