Block xmlrpc.php WordPress running on OpenLiteSpeed using .htaccess

Block Xmlrpc Open Litespeed

You can block the xmlrpc.php WordPress file when running on OpenLiteSpeed by adding a rewrite rule in the .htaccess file. This will reduce the brute force threat of bots making multiple resource requests. Add to your webroot .htaccess file either add it in a mod_rewrite existing block or add a new one: <IfModule mod_rewrite.c> RewriteRule…

Read More

Block wp-login.php and xmlrpc.php via fail2ban on RunCloud

Fail2ban Wordpress Runcloud

How to ban IP addresses that are brute forcing your wp-login.php and xmlrpc.php on a WordPress install with fail2ban on a RunCloud server. Email yourself any fail2ban IP addresses. Add a WordPress fail2ban filter Create a wordpress.conf file in /etc/fail2ban/filter.d/ [Definition] failregex = ^<HOST> .* “POST .*wp-login.php ^<HOST> .* “POST .*xmlrpc.php ignoreregex = If using…

Read More