As a web developer I am aware that security is getting harder to manage and that we need to be proactive to keep our websites from being compromised.

Security Week writes “Attackers have been abusing an XML-RPC method to amplify their brute force attacks against WordPress websites, experts have warned.

According to security firm Sucuri, malicious actors are leveraging the fact that the XML-RPC protocol, which is supported by WordPress and several other popular content management systems, allows users to execute multiple methods within a single request by using the “system.multicall” method.

It’s not uncommon for attackers to launch brute force attacks against WordPress websites in hopes that their administrators have set a weak password that can be easily guessed. However, making a large number of requests to the “wp-login.php” login page raises red flags and the attack is not difficult to block by security systems.

By abusing the “system.multicall” method, attackers can make hundreds and even thousands of attempts with just a handful of HTTP requests. In attacks spotted by Sucuri, the malicious actors have been using the “wp.getCategories” method within “system.multicall.”

“wp.getCategories” is the method of choice in these attacks because it requires a username and a password, which allows attackers to try out widely used credential combinations, such as the “admin” username with the password “demo123.” However, experts have pointed out that they could use numerous other XML-RPC methods that require a username and a password.”
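The amplification described above is easy to check for: one HTTP request is a problem when it carries more than one call that triggers a password check. The following is an added example, not code from this post, from Security Week, from Sucuri or from WordPress itself. It uses Python's standard xmlrpc.client to build a constructed sample “system.multicall” body of the shape the article describes (several “wp.getCategories” calls, each with a guessed username and password) and to count how many credential-bearing calls a request body contains. The method list CREDENTIAL_METHODS is an assumed representative subset, and the one-attempt-per-request limit in should_block is an assumption.

```python
# Added example: detect system.multicall login amplification in an XML-RPC body.
# Not code from the original post, Sucuri, Security Week or WordPress.
import xmlrpc.client

# WordPress XML-RPC methods whose parameters begin (blog_id, username, password).
# Representative subset (assumption); the write-up notes many other methods qualify.
CREDENTIAL_METHODS = {"wp.getCategories", "wp.getPosts", "wp.getOptions", "wp.getProfile"}


def build_multicall(guesses, method="wp.getCategories"):
    """Constructed sample input: one system.multicall request carrying one
    method call per (username, password) guess, as described in the article."""
    calls = [{"methodName": method, "params": [1, user, password]}
             for user, password in guesses]
    return xmlrpc.client.dumps((calls,), methodname="system.multicall")


def credential_calls(body):
    """Parse an XML-RPC request body and return a list of (method, username)
    for every call that would cause a password check.

    A plain call to a credential method counts as one attempt; a
    system.multicall is unpacked so each inner call is counted separately.
    """
    params, method = xmlrpc.client.loads(body)
    attempts = []
    if method == "system.multicall":
        for call in params[0]:
            name = call.get("methodName", "")
            args = call.get("params", [])
            if name in CREDENTIAL_METHODS and len(args) >= 3:
                attempts.append((name, str(args[1])))
    elif method in CREDENTIAL_METHODS and len(params) >= 3:
        attempts.append((method, str(params[1])))
    return attempts


def should_block(body, max_attempts=1):
    """True when one HTTP request would trigger more than max_attempts
    password checks, which is the signature of the amplified brute force.
    The default limit of one is an assumption: legitimate XML-RPC clients
    authenticate once per request."""
    try:
        return len(credential_calls(body)) > max_attempts
    except Exception:
        # Malformed or non-XML body: not an amplified login, let WordPress reject it.
        return False


if __name__ == "__main__":
    # Constructed guesses, including the "admin" / "demo123" pair quoted above.
    sample = build_multicall([("admin", "demo123"), ("admin", "admin"), ("admin", "password")])
    print(f"credential checks in one request: {len(credential_calls(sample))}")
    print(f"block: {should_block(sample)}")
```

Run this over request bodies sent to xmlrpc.php (from a WAF rule, a logging proxy or a plugin hook); anything it flags deserves the same blocking and rate limiting that wp-login.php already gets.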

I recommend that you check your user name and password under Users in your dashboard. Do not use “admin” as a user name; it is the first one attackers try. Use your email address or your name instead, but keep in mind that a WordPress user name is not a secret (it is exposed through author pages), so the strength of the password is what actually protects the account. Make sure your password is strong: upper- and lower-case letters, numbers and symbols, and long enough that guessing it is impractical. A combination of these that you can remember, or a password manager, works fine. A strong password does not stop the amplified requests themselves from arriving, though. If your site does not need XML-RPC (the WordPress mobile apps and Jetpack use it), disable xmlrpc.php or have your security plugin block the “system.multicall” method, and make sure whatever rate-limits wp-login.php also covers xmlrpc.php.

If you would like me to set this up for you, do not hesitate to ask. Let’s be safe!