Short Name |
HTTP:PHP:WP-XMLRPC-BRUTE |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
WordPress XMLRPC Brute Force Login Attempt |
Release Date |
2014/07/30 |
Update Number |
2404 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects repeated attempts to login to a WordPress website using XMLRPC. This may be an indication of a brute-force attack to gain access to the site, or possibly an automated blog posting system with bad credentials. If the source IP address is known to you, you may need to check its configuration, otherwise, this is possibly a malicious event.