Forum
Block UserAgent Wordpress
AquaNet
30 April 2014, 23:38
Hello,
Recently we are seeing a lot of ddos attacks using Wordpress pingback vulnerability which allows the attacker to send requests to target server using lots of Wordpress blogs.
Is there a way to block useragent "Wordpress" from accessing any site behind hiawatha?
Thanks
Andrew
Recently we are seeing a lot of ddos attacks using Wordpress pingback vulnerability which allows the attacker to send requests to target server using lots of Wordpress blogs.
Is there a way to block useragent "Wordpress" from accessing any site behind hiawatha?
Thanks
Andrew
Hugo Leisink
30 April 2014, 23:45
You can use the Header UrlToolkit option for that:
UrlToolkit {
...
Header User-Agent .*wordpress.* DenyAccess
}
AquaNet
30 April 2014, 23:49
Thank you, Hugo, this will not work in reverse proxy mode?
Hugo Leisink
1 May 2014, 00:39
No, the reverse proxying is done before UrlToolkit rule processing. This should be done by the destination webserver.
This topic has been closed.
Copyright © by Hugo Leisink. All rights reserved.
Built upon the Banshee PHP framework.
Built upon the Banshee PHP framework.
