Contact us

Solutions

Featured solutions AI Campus and branch Data center WAN Security Service provider Cloud operator Industries

Services

Services

Take me to HPE.com

HTTP: WordPress XMLRPC Brute Force Login Attempt

This signature detects repeated attempts to login to a WordPress website using XMLRPC. This may be an indication of a brute-force attack to gain access to the site, or possibly an automated blog posting system with bad credentials. If the source IP address is known to you, you may need to check its configuration, otherwise, this is possibly a malicious event.

References

URL: http://blog.sucuri.net/2014/07/new-brute-force-attacks-exploiting-xmlrpc-in-wordpress.html https://blog.sucuri.net/2015/10/brute-force-amplification-attacks-against-wordpress-xmlrpc.html

Short Name

HTTP:PHP:WP-XMLRPC-BRUTE

Severity

Major

Recommended

False

Recommended Action

Drop

Category

HTTP

Keywords

Attempt Brute Force Login WordPress XMLRPC

Release Date

07/30/2014

Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version

3324

False Positive

Unknown