WordPress installations abused in major DDoS attack


In a major DDoS attack, a WordPress feature was abused to amplify the attack, according to a security company. The feature in question is the XML-RPC interface, which can be exploited by spoofing HTTP requests.

Weblogs use the XML-RPC interface, among other things, to notify other blogs that they have been linked to, the so-called pingbacks. That same functionality can also be abused, writes security company Sucuri. By spoofing HTTP requests so that they appear to come from a particular website, an attacker causes a WordPress site to direct its response to that website.

This is what happened in a recent attack, in which 162,000 websites of unsuspecting WordPress users were turned against other WordPress websites via XML-RPC. In addition, the caching of the targeted WordPress sites was bypassed by appending random numbers to each request, so that the WordPress installation had to generate a fresh page and query its database on every request. As a result, the sites quickly went down.

It is not a security problem in WordPress, Sucuri emphasizes; the XML-RPC functionality is considered a feature. Nevertheless, administrators of a WordPress website can manually disable the pingback functionality. The security company has published a tool that lets administrators check whether their WordPress installation was abused in the recent attack.
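From the targeted site's side, the reflected traffic is recognisable in the web server access log: every hit is a page fetch with a WordPress user agent that names the reflecting blog, and each carries the random cache-busting query string described above. The following detector is an added example, not Sucuri's tool or code from WordPress; it assumes the common combined log format and the "WordPress/x.y; http://blog; verifying pingback from ip" user agent that WordPress sends when it verifies a pingback, and the log lines are constructed with fictional hosts.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Apache/nginx "combined" log format (assumed; adjust the pattern for other formats).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)
# WordPress fetches the page named in a pingback to verify the link; the user agent it
# sends is assumed to look like "WordPress/3.8; http://<blog>; verifying pingback from <ip>".
PINGBACK_UA_RE = re.compile(r"^WordPress/[\d.]+; (?P<blog>https?://\S+?); verifying pingback from")
# Cache-busting query used in the attack: a random key=value pair of digits, e.g. "/?4137049=6431829".
CACHE_BUST_RE = re.compile(r"^/\?\d+=\d+$")

def classify_reflected_pingbacks(log_lines):
    """Return (hits per reflecting blog host, number of cache-busting requests)
    for requests that look like WordPress pingback verifications hitting this site."""
    reflectors = Counter()
    cache_busted = 0
    for line in log_lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # malformed or different log format, skip
        ua = PINGBACK_UA_RE.match(m["ua"])
        if not ua:
            continue  # ordinary visitor traffic, not a pingback verification
        reflectors[urlsplit(ua["blog"]).hostname] += 1
        if CACHE_BUST_RE.match(m["path"]):
            cache_busted += 1
    return reflectors, cache_busted

# Constructed sample log lines (fictional hosts and documentation IP ranges), not real data.
SAMPLE_LOG = [
    '203.0.113.10 - - [09/Mar/2014:11:05:27 -0400] "GET /?4137049=6431829 HTTP/1.0" 403 0 "-" "WordPress/3.8.1; http://blog-a.example; verifying pingback from 198.51.100.7"',
    '203.0.113.10 - - [09/Mar/2014:11:05:28 -0400] "GET /?9931744=1193840 HTTP/1.0" 403 0 "-" "WordPress/3.8.1; http://blog-a.example; verifying pingback from 198.51.100.7"',
    '203.0.113.22 - - [09/Mar/2014:11:05:28 -0400] "GET /?7718402=5582099 HTTP/1.0" 403 0 "-" "WordPress/3.7.1; http://blog-b.example; verifying pingback from 198.51.100.7"',
    '192.0.2.5 - - [09/Mar/2014:11:05:29 -0400] "GET /about/ HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    hits, busted = classify_reflected_pingbacks(SAMPLE_LOG)
    for host, n in hits.most_common():
        print(f"{host}: {n} pingback verification requests")
    print(f"{busted} of them carried a cache-busting query string")
```

Counting hits per reflecting blog tells you which unsuspecting WordPress sites were used against you, while the cache-busting count shows how much of the traffic was deliberately forced past the cache.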
