AHosting, a WordPress web hosting provider, has issued a warning following the disclosure of a serious brute-force vulnerability in the WordPress XML-RPC system. The vulnerability, first revealed by security researchers at Sucuri, uses the WordPress XML-RPC system to launch a brute force attack against the popular content management system that is difficult to detect.
The optimal mitigation is to disable WordPress's XML-RPC functionality altogether, according to AHosting. Where a website or one of its WordPress plugins requires XML-RPC (the WordPress mobile apps and plugins such as Jetpack depend on it), a web application firewall, many of which are available for WordPress, is an effective alternative. Sites with sufficiently strong credentials, meaning long, random passwords paired with hard-to-guess user names, should be relatively impervious to the attack.
Brute force attacks are among the simplest attacks online criminals can use against websites. To discover valid credentials, attackers attempt to log in with many user name and password combinations until they find one that works. In the case of the recently discovered vulnerability, instead of targeting the WordPress login page, the attackers use automated scripts that send requests to WordPress through the "system.multicall" method of the XML-RPC system, which lets a single request bundle many method calls, each carrying its own user name and password.
"Brute force attacks are usually pretty easy to spot and prevent. For properly secured sites, they are more of an inconvenience than a security risk," said Daniel Page, business development director at web hosting provider AHosting. "But the XML-RPC vulnerability has the potential to increase the effectiveness of brute force attacks and make them more difficult to identify."
HTTP Request
This brute force vector is particularly effective because the system.multicall method allows attackers to test hundreds of user name and password combinations with each HTTP request, massively amplifying the brute force process. Normally each HTTP request can try only one combination, and a stream of repeated login requests is easily discovered and blocked with standard security tools. Tools that count requests rather than credential attempts, such as per-request rate limiters or log-based blockers watching the login page, see a single POST to xmlrpc.php and therefore nothing unusual.
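What the amplified request looks like, and how a web application firewall can count it correctly, as an added example in Python that is not part of the original article and is not code from AHosting or Sucuri. It uses only the standard library's xmlrpc.client to build the same XML a browser-less script would POST to xmlrpc.php, then parses a request body and counts the credential-bearing calls inside it. The method list, the blocking threshold and the sample user name and passwords are assumptions constructed for illustration.

```python
import xmlrpc.client

# Authenticated WordPress XML-RPC methods take (username, password) as their
# leading params; wp.getUsersBlogs is the usual probe because it needs no blog id.
# Constructed list for this example, not an exhaustive inventory.
AUTH_METHODS = {"wp.getUsersBlogs", "wp.getPosts", "wp.getProfile"}


def build_single_call(username, password, method="wp.getUsersBlogs"):
    """One HTTP request body that tests exactly one credential pair."""
    return xmlrpc.client.dumps((username, password), methodname=method)


def build_multicall(username, passwords, method="wp.getUsersBlogs"):
    """One HTTP request body that tests every password in `passwords`.

    This is the amplified form: a system.multicall wrapping N method calls,
    each carrying its own credentials. The server answers each nested call
    separately, so the caller learns which (if any) password worked.
    """
    calls = [{"methodName": method, "params": [username, pw]} for pw in passwords]
    return xmlrpc.client.dumps((calls,), methodname="system.multicall")


def count_credential_attempts(body):
    """Return (method, attempts) for an XML-RPC request body.

    A plain probe counts as 1 attempt. A system.multicall counts every nested
    call whose method takes credentials, which is what a per-request rate
    limiter misses. Bodies that are not XML-RPC return (None, 0).
    """
    try:
        params, method = xmlrpc.client.loads(body)
    except Exception:  # malformed XML or not a methodCall at all
        return None, 0
    if method == "system.multicall":
        calls = params[0] if params and isinstance(params[0], list) else []
        attempts = sum(
            1 for call in calls
            if isinstance(call, dict) and call.get("methodName") in AUTH_METHODS
        )
        return method, attempts
    return method, (1 if method in AUTH_METHODS else 0)


def should_block(body, max_attempts_per_request=3):
    """Policy a WAF rule might apply: reject a request that bundles more
    credential-bearing calls than a legitimate client would (threshold assumed)."""
    _, attempts = count_credential_attempts(body)
    return attempts > max_attempts_per_request


if __name__ == "__main__":
    # Constructed sample: one user name, 500 guessed passwords, one HTTP request.
    guesses = [f"password{i}" for i in range(500)]
    body = build_multicall("admin", guesses)
    print("single probe:", count_credential_attempts(build_single_call("admin", "x")))
    print("multicall   :", count_credential_attempts(body), "bytes:", len(body))
    print("block?      :", should_block(body))
```

The point of counting nested calls rather than requests is that the 500-guess body above is a single POST; a rule keyed on request rate or on failed logins at wp-login.php never fires. A WAF in front of xmlrpc.php that applies count_credential_attempts to the request body can block or rate-limit by attempts instead, without disabling XML-RPC for clients that genuinely need it.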
AHosting, which hosts hundreds of WordPress sites of all sizes, issued the warning to raise awareness of the issue because, for the moment, it is unlikely to be mitigated by the usual process of updating. AHosting is a managed web hosting provider with facilities in Orlando, FL and Detroit, MI.