Jetpack: Protection From Brute Force XML-RPC Attacks

Posted on October 12, 2015 by Carolyn Sonnek

You may have read the recent news report from Sucuri about the latest vulnerability to your WordPress XML-RPC file: Brute Force Amplification Attacks via WordPress XML-RPC

Brute force attacks against XML-RPC are one of the oldest and most common types of attacks to your site. Recently, according to Sucuri’s post above, attackers have found a way to “amplify” these attacks – making it easier for attackers to try and break into your site.

How can you protect yourself from these attacks?

Simple. Use Jetpack’s Protect module.

Sam Hotchkiss, one of our Jetpack developers, wrote an article today on his blog going over the more technical details on how this new attack method works and how Jetpack protects you from this new threat.

If you’re running Jetpack with Protect enabled, you don’t need to do anything to keep yourself safe from this. We’ve already got it taken care of for you!