Wordpress pingback DDOS attacks

Wednesday, 17 September 2014 by Site Owner

WordPress sites with Pingback enabled (which is On by default) can be used in DDOS attacks against other sites.

This issue can cause entire webservers to be overloaded resulting in extremely slow services for all customers.

Please INSTALL any ONE of below plugins for your website to PREVENT your WordPress site from participating in pingback denial of service attacks.

https://wordpress.org/plugins/disable-xml-rpc-pingback/
https://wordpress.org/plugins/prevent-xmlrpc/
https://wordpress.org/plugins/remove-xmlrpc-pingback-ping/
https://wordpress.org/plugins/disable-xml-rpc-unset-x-pingback/

You can install plugin through YOUR wp-admin using the WordPress Dashboard
Login to YOUR wp-admin
Navigate to the 'Add New' in the "Plugins" dashboard
Search for one of above plugin
Click 'Install Now'
Activate the plugin on the Plugin dashboard

For more information:
See https://www.google.com/search?q=WordPress+Pingback+Vulnerability for detailed information about the vulnerability in WordPress's XMLRPC.

Back to list