WP Tavern › Forums › Create Topic
_ck_ Always delete xmlrpc.php immediately from virtually all WP installs. It’s responsible for several of the security issues with WP over the years, and it also allows unlimited password attempts. You can live without the mostly spam trackbacks for the safety of it being gone. If you are on a dedicated or VPS (and you should be) I highly recommend the (free) configserver firewall http://configserver.com/cp/csf.html – it’s not just for cpanel anymore and it’s extremely good about blocking too many connections. Last but not least when you can’t solve a ddos, replace apache with something like litespeed which is a drop in replacement (uses httpd.conf and .htaccess files directly unlike nginx). There is a free version and it can weather a ddos when apache would be long dead. Even automattic uses litespeed to this very day.
_ck_
Always delete xmlrpc.php immediately from virtually all WP installs. It’s responsible for several of the security issues with WP over the years, and it also allows unlimited password attempts. You can live without the mostly spam trackbacks for the safety of it being gone.
If you are on a dedicated or VPS (and you should be) I highly recommend the (free) configserver firewall http://configserver.com/cp/csf.html – it’s not just for cpanel anymore and it’s extremely good about blocking too many connections.
Last but not least when you can’t solve a ddos, replace apache with something like litespeed which is a drop in replacement (uses httpd.conf and .htaccess files directly unlike nginx). There is a free version and it can weather a ddos when apache would be long dead. Even automattic uses litespeed to this very day.
Name *
Email *
Website:
Topic Title (Maximum Length: 80):
Forum: — No forum —AI and WordPress Articles Blocks Showcase Discussions Events Introductions Jobs and Working in WordPress Podcast Episodes Site and Block Editor
Enter your email address to subscribe to this blog and receive notifications of new posts by email.
Email Address
Submit
Enter the destination URL
Or link to existing content