Forum Discussion

Altostratus

Dec 15, 2015

iRule to block URI /xmlrpc.php

I want to throw a 404 anytime URI /xmlrpc.php is encountered. This is to block brute force attacks via XML-RPC on my WordPress sites. All I get is a white screen with this rule. I tried in IE/Chrome/Firefox.

I'm 99% sure this is right though... thoughts?

when HTTP_REQUEST {

if { [string tolower [HTTP::uri]] contains "/xmlrpc.php" } {

    HTTP::respond 404 "Not Found" "Connection" "close"

}

}

BIG-IP

iRules

security

1 Reply

Kai_Wilke

MVP

Dec 15, 2015

Hi DGYarrington,

try this rule...

when HTTP_REQUEST {
    if { [string tolower [HTTP::uri]] contains "/xmlrpc.php" } {
        HTTP::respond 404 content "Not Found" "Connection" "close"
    }
}

Cheers, Kai

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)