Block xmlrpc.php attack


#1

Which commands below should I use to block xmlrpc.php attack?

1) - nano /var/www/domain.com/conf/nginx/nginx.conf

2) - nano /etc/nginx/sites-available/domain.com

3) - nano /etc/nginx/nginx.conf

Best Regards,

Carlosara


#2

Hello Carlosa,

You need to create an additional file in your vhost conf like :

nano /var/www/yourdomain.ltd/conf/nginx/xmlrpc.conf 

And to add the following content in this .conf file :

location = /xmlrpc.php {
 deny all;
 access_log off;
 log_not_found off;
}

#3