admin
Site Admin
Зарегистрирован: 11.09.2008
Сообщения: 542
|
 Добавлено: Ср Ноя 24, 2021 11:40 pm Заголовок сообщения: wp attack block |
 |
|
cpanel
I add follows to Apache Global Pre Virutalhost Includes:
<FilesMatch "^(xmlrpc\.php)">
Order Deny,Allow
# Whitelist Jetpack IPs (you can remove/replace all the Allow lines)
Allow from 192.0.64.0/18
Allow from 122.248.245.244
Allow from 54.217.201.243
Allow from 54.232.116.4
Allow from 209.15.0.0/16
Allow from 66.155.0.0/17
Allow from 64.34.206.0/24
Allow from 185.64.140.0/22
Allow from 198.181.116.0/22
Allow from 76.74.248.128/25
Allow from 76.74.255.0/25
Deny from all
</FilesMatch>
To whitelist for one domain, do this(replace the CPANELID and DOMAINNAME)
mkdir -p /etc/apache2/conf.d/userdata/std/2_4/CPANELID/DOMAINNAME
mkdir -p /etc/apache2/conf.d/userdata/ssl/2_4/CPANELID/DOMAINNAME
Create a file allowxmlrpc.conf in each above dir:
<FilesMatch "^(xmlrpc\.php)">
Allow from all
</FilesMatch>
Rebuild and restart Apache:
/scripts/rebuildhttpdconf
/scripts/restartsrv_httpd
https://forums.cpanel.net/threads/block-access-to-all-occurrences-of-xmlrpc-php-using-csf.664041/ |
|
