How to fix WordPress XML-RPC Cyberattacks
To be protected against this cyberattack, do not forget to restrict access to /xmlrpc.php resource only from your IP address (1.2.3.4 in the example below). For Apache, edit /.htaccess file to add:
Penetration Testing Wiki
To be protected against this cyberattack, do not forget to restrict access to /xmlrpc.php resource only from your IP address (1.2.3.4 in the example below). For Apache, edit /.htaccess file to add:
When installing WordPress is important to change the predefined salts to avoid any weak cryptography that makes your cookies and session management weaker. The fastest way to fix that: https://api.wordpress.org/secret-key/1.1/salt/ If you want to get more info about possible attacks on unsecure wordpress installation, here a good reading: https://www.securitysift.com/understanding-wordpress-auth-cookies/
