On 03/08/16 1:34 PM, Yann Ylavic wrote:
> Hi,
>
> On Tue, Mar 8, 2016 at 11:36 AM, Miguel González
> wrote:
>>
>> I suspect that the previous connections trying to explote xmlrpc.php are
>> now just being logged and shown as "Waiting for connection".
>>
>> Maybe the iptables rule should be differ
Hi,
On Tue, Mar 8, 2016 at 11:36 AM, Miguel González
wrote:
>
> I suspect that the previous connections trying to explote xmlrpc.php are
> now just being logged and shown as "Waiting for connection".
>
> Maybe the iptables rule should be different?
Did you try REJECT instead of DROP?
Regards,
Y
Dear all,
I have a Cpanel with Apache webserver running and I have seen many
xmlrpc accesses from fake Google bots. In my pursue of blocking those
connections I enable the following rules in my csf (iptables based
firewall):
iptables -I INPUT -p tcp --dport 80 -m state --state NEW -m recent
--n
