ddos

Protect WordPress from brute-force XML-RPC attacks

How do you secure WordPress against xmlrpc.php attacks, optionally still being able to use (some of) its functionality like Jetpack? This post gives you some insights.

Published on Friday, 2 June 2017

Joomla websites abused as open proxy for Denial-of-Service attacks

Joomla websites using the Googlemaps plugin for Joomla are actively abused as open proxy for launching Denial-of-Service (DoS) attacks. Even though the Googlemaps plugin vulnerability plugin_googlemap2_proxy.php was released over one and a half (1,5) years ago, I still see these DoS-attacks happening on a regular basis...

Read more...

Published on Sunday, 16 November 2014

Increase in SQL injection attacks

Since a week or so, I notice a huge increase in SQL injection attacks on various websites. Anyone else seeing the same SQL injection attacks lately? This increased SQL injection activity - on various web sites and databases - has the following characteristics

Published on Thursday, 7 August 2014

MySQL sleep() attacks

MySQL sleep() command injection attacks: how not validating your PHP user input can lead to Denial of Service (DoS) attacks against websites and back-end database servers. Simply by putting "AND sleep(3)" in the address bar... Here is how to put a MySQL server to sleep, happy SQL injection!

Read more...

Published on Tuesday, 5 August 2014

Mod_evasive on IIS

Website DDoS protection with mod_evasive. Mod_evasive is a module for Apache and Windows Server IIS (using Helicon Ape). It provides protection and evasive action in the event of an HTTP DoS-, DDoS or brute force attack. Detection is performed by creating an internal dynamic hash table of IP Addresses and URIs, and denies an IP address access to a website if it's requesting the same page more than 10 times a second. This is configurable.

Read more...

Published on Thursday, 24 July 2014

Huge increase in WordPress xmlrpc.php POST requests

How to identify, block, mitigate and leverage these xmlrpc.php scans, brute-force, and user enumeration attacks on WordPress sites.

Published on Monday, 7 July 2014

windows-server (113) iis (80) powershell (77) php (55) wordpress (49) mysql (36) windows (34) performance (28) linux (23) web.config (23) Website (22) htaccess (20) bash (19) aspnet (19) url-rewrite-module (19) sql-server (18) optimization (18) ssl (17) gnu-linux (14) plugin (14) windows-10 (12) devops (11) monitoring (11) security (10) appcmd (10) wsl (9) smtp (9) wincache (9) wmi (8) zabbix (8) windows-update (8) opcache (8) openssh (7) database (7) dism (7) functions-php (7) iis-60 (7) sysops (6) wsus (6) apache (6) hyper-v (6) virtualization (6) spam (6) classic-asp (6) ddos (6) password (5) email (5) active-directory (5) umbraco (5) joomla (5) command-line (5) application-pool (5) blacklist (5) t-sql (4) wql (4) https (4) group-policy (4) backup (4) connector-net (4) debug (4) logparser (4) network-adapter (4) dns (4) query_cache (4) ghost (4) iisnode (4) node-js (4) vbscript (3) windows-firewall (3) brute-force (3) ftp (3) postfix (3) forensics (3) benchmark (3) xss (3) disk-cleanup (3) disk-space (3) sql-injection (3) openssl (2) net-core (2) visual-studio (2) windows-defender (2) rdp (2) connector-odbc (2) c (2) mysqldump (2) xml-rpc (2) smb (2) cross-site-scripting (2) innodb (2) httpbl (2) centos (2) magento (2) denial-of-service (2) deployment (2) windows-deployment-services (2) mysqli (2) open-xchange (2) waf (2) web-application-firewall (2) code-base (1) windows-11 (1) ipv6 (1) networking (1) sqlce (1) tinymce (1) Prianha-CMS (1) kvm (1) http-3 (1) quic (1) wmsvc (1) database-mirroring (1) service-principal-names (1) spn (1) jetpack (1) api (1) kms (1) red-hat (1) varnish-cache (1) elasticsearch (1) dhcp (1) jquery (1)