Hi,
My website was recently attacked with an xmlrpc.php attack.
So far I've done the following things to improve the website security:
- Updated all Wordpress, plugins and the theme to the latest versions.
- Installed Login Security Solution (supposed to rate-limit both wp-login.php and XML-RPC)
I read here that implementing the following piece of code in my .htaccess file would be helpful, can someone confirm this?:
RewriteRule ^xmlrpc\.php$ "http\:\/\/0\.0\.0\.0\/" [R=301,L]
What else can I do to improve the security of my website and avoid getting hit with an xmlrpc.php attack again?
Thanks,
3dpc
