Short Name | HTTP:PHP:WP-XML-RPC-PINGBACK-PP |
---|---|
Severity | Minor |
Recommended | No |
Recommended Action | Drop |
Category | HTTP |
Keywords | WordPress Pingback Via Patsy Proxy |
Release Date | 2014/07/23 |
Update Number | 2402 |
Supported Platforms | idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |

This signature detects WordPress Pingbacks sent through a "Patsy Proxy". The WordPress XML-RPC system has a flaw that allows a traffic-amplification distributed denial-of-service (DDoS) attack: a "Pingback" is sent to a WordPress site that allows XML-RPC, and that site then forwards the attack to another site. The source IP address of this attack is the "Patsy Proxy", the site that has the Pingback functionality enabled and is being used to attack the destination IP address.