Discussion in 'Black Hat SEO' started by Kinky123, Feb 10, 2017.
How to overcome from DDOS attack? Is there any scanner to check.
Check your web server's access_log file. If you see a flood of requests for xmlrpc.php then someone is trying to brute force your wordpress. There are security plugins that can block this activity. If you do not need xmlrpc for anything just rename that file and it will make the attack ineffective. Then ban the attacking IP in the security plugin.
Also for the wordpress (if you're using it, you can use redirection plugin stimulate the same effect, but also disable it if you need to use your xmlrpc.php in the future).
Cloudflare is a great way to stop the hackers as MikeyMikey13 suggested, but I personally prefer Incapsula. Anyway, both services will do the trick.
I don't always bruteforce, but when I do I use the same IP Address over and over like a retard
Thank you, I have renamed XMLRPC.php file. Is it enough or I need to do something else in file. How would I know that the website is out of Attack.
Some hosting providers like Amazon show you the current bandwidth usage. If it continues high, then you're still getting blasted.
You would have to look in your webserver access logs for requests to the file. If the requests are there then you are being attacked. Renaming the file makes the attack fail because the login attempts turn into 404 not found errors.
You do not need to do anything else and you can rename the file later if f you ever need to undo the change
Separate names with a comma.