
XMLRPC

Recently we have noticed a large number of hits to the xmlrpc.php file within WordPress installations, which has been causing server loads to rise. This is due to WordPress functionality called pingbacks, which is being abused to perform DDoS attacks on other websites by way of WordPress installations. The xmlrpc.php file handles API calls from other applications as well as pingback requests. If you do not use this functionality, I would recommend removing the file, as it reduces the possibility of vulnerabilities in your WordPress installation, or disabling the pingback functionality using the plugin linked below.

Not only will this prevent high loads on your server, it will also prevent denial of service traffic originating from your website. Removing this file also greatly reduces the attack surface of a WordPress installation. Below I have provided links explaining what pingbacks are, how to disable pingbacks with a plugin, and the vulnerability information for this type of attack. Although this vulnerability does not allow compromise of your website, it does allow others to use your site to perform a denial of service attack on other sites. Please feel free to contact us if you have any questions.


http://en.support.wordpress.com/comments/pingbacks/

https://wordpress.org/plugins/disable-xml-rpc-pingback/

http://www.cvedetails.com/cve/CVE-2014-5266/
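To spot the kind of xmlrpc.php traffic described above in your own web server logs, here is an added Python example (not part of the original post or of WordPress) that counts POST requests to xmlrpc.php per source address and per minute in Apache combined-format log lines and flags sources above a threshold; the sample log lines and the threshold are constructed assumptions.

```python
import re
from collections import Counter
from datetime import datetime

# Constructed sample access-log lines (Apache combined format); not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Aug/2014:12:00:01 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Aug/2014:12:00:01 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "Mozilla/5.0"
198.51.100.23 - - [10/Aug/2014:12:00:02 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Aug/2014:12:00:02 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "Mozilla/5.0"
198.51.100.4 - - [10/Aug/2014:12:00:05 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Aug/2014:12:00:09 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Aug/2014:12:01:00 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "Mozilla/5.0"
"""

# Client IP, timestamp, request method and path from a combined-format line.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)


def parse_line(line):
    """Return (ip, datetime, method, path) or None for an unparsable line."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    ts = datetime.strptime(m.group('ts'), '%d/%b/%Y:%H:%M:%S %z')
    return m.group('ip'), ts, m.group('method'), m.group('path')


def xmlrpc_hits_per_minute(lines):
    """Count POST requests to xmlrpc.php, keyed by (source ip, minute bucket)."""
    counts = Counter()
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        ip, ts, method, path = rec
        # Ignore any query string; only the script path matters here.
        if method == 'POST' and path.split('?')[0].endswith('/xmlrpc.php'):
            counts[(ip, ts.strftime('%Y-%m-%d %H:%M'))] += 1
    return counts


def flag_sources(counts, threshold):
    """Source IPs that sent at least `threshold` xmlrpc.php POSTs in one minute."""
    return sorted({ip for (ip, _), n in counts.items() if n >= threshold})


if __name__ == '__main__':
    hits = xmlrpc_hits_per_minute(SAMPLE_LOG.splitlines())
    print(flag_sources(hits, threshold=3))  # threshold is an assumed tuning value
```

Once a noisy source is confirmed, the same counts can drive a firewall rule or a rate limit in front of xmlrpc.php, or justify removing the file as the post recommends.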
