Title: Feature request – block xmlrpc attacks Last modified: August 21, 2016 --- # Feature request – block xmlrpc attacks * Resolved [maghe](https://wordpress.org/support/users/maghe/) * (@maghe) * [11 years, 10 months ago](https://wordpress.org/support/topic/feature-request-block-xmlrpc-attacks/) * Attackers are abusing the XML-PRC “pingback” feature of WordPress blog sites to launch DDoS attacks on other sites: [http://blog.spiderlabs.com/2014/03/wordpress-xml-rpc-pingback-vulnerability-analysis.html](http://blog.spiderlabs.com/2014/03/wordpress-xml-rpc-pingback-vulnerability-analysis.html) * How about logging xmlrcp.php requests, so we can set up a fail2ban jail if needed? Even if pingback/trackback are disabled, those attacks are causing server overloads. * [https://wordpress.org/plugins/wp-fail2ban/](https://wordpress.org/plugins/wp-fail2ban/) Viewing 1 replies (of 1 total) * Plugin Author [invisnet](https://wordpress.org/support/users/invisnet/) * (@invisnet) * [11 years, 10 months ago](https://wordpress.org/support/topic/feature-request-block-xmlrpc-attacks/#post-5134316) * Good idea – this will be in version 2.2.0. Viewing 1 replies (of 1 total) The topic ‘Feature request – block xmlrpc attacks’ is closed to new replies. * ![](https://ps.w.org/wp-fail2ban/assets/icon-256x256.png?rev=2814701) * [WP fail2ban - Advanced Security](https://wordpress.org/plugins/wp-fail2ban/) * [Frequently Asked Questions](https://wordpress.org/plugins/wp-fail2ban/#faq) * [Support Threads](https://wordpress.org/support/plugin/wp-fail2ban/) * [Active Topics](https://wordpress.org/support/plugin/wp-fail2ban/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/wp-fail2ban/unresolved/) * [Reviews](https://wordpress.org/support/plugin/wp-fail2ban/reviews/) * 1 reply * 2 participants * Last reply from: [invisnet](https://wordpress.org/support/users/invisnet/) * Last activity: [11 years, 10 months ago](https://wordpress.org/support/topic/feature-request-block-xmlrpc-attacks/#post-5134316) * Status: resolved