ddos

Jetpack Protect will guard against brute-force attacks against XML-RPC: https://jetpack.com/support/security-features/#protect

Keep in mind though that brute-force attacks and DDoS are not the same thing, so you’ll need to check with your hosting provider to confirm if you’re really experiencing a DDoS attack.

Jetpack does not mitigate DDoS attacks, those are the responsibility of your hosting provider.

These are xmlrpc ddos. After renaming xmlrpc.php server load goes down from 235 Cpu to 0.5 Cpu. It means this is the attack of xmlrpc. I am using jetpack free version and this attack exist. How to solve?

You’ll need to speak to your hosting provider then, it’s their responsibility to mitigate DDoS attacks.

They are telling we don’t get any DDOS statics. Datacenter also confirmed that no DDOS recorded yet. Its the xmlrpc attack totally.
If I rename xmlrpc.php to any name like xhdfjds.php then server load goes down within 10 seconds 235 cpu to 0.5 cpu.
What should I do now. ??

If your hosting provider and your data center have confirmed there is no DDoS, then either there is no DDoS, or you need a new hosting provider. ??

It could just be a simple brute-force attack, if so Jetpack Protect will guard against that as mentioned earlier.

Its ovh dedicated server. And they are known for ddos protection. They did not get any ddos. And as you are telling jetpack can block xmlrpc attack then why it is not holding? If I rename xmlrc.php then server load is normal. It means your protection is not enough. Now what will be the way to use jetpack without xmlrpc? Because if I store xmlrpc.php then my server goes down with the attack and if I remove xmlrpc then jetpack won’t work. So where to I go?

There is no way to use Jetpack without the xmlrpc.php file.

I suggest finding a more efficient way to protect your server from DDoS, but we cannot help you with that, as neither Jetpack nor WordPress can prevent DDoS. That needs to be done at the server level.

But Server don’t get DDOS. OVH is fair enough to hold such kind of DDOS.
It is xmlrpc attack and I want to stop this attack.

Hi,

It is xmlrpc attack and I want to stop this attack.

Since it is not a DDOS, can you let us know more about the attack you’re experiencing?

What do you want to know more? I already explained. If I rename xmlrpc.php to xhhddnfs.php then server load decreased 235 cpu to 0.5 cpu. It means attack does not find xmlrpc.php and attack stopped. Again If I rename it to xmlrpc.php then again server load goes 235 cpu.

Can you confirm whether Jetpack Protect is enabled when you have xmlrpc.php named properly with Jetpack connected?

Also, are you WordPress and Jetpack installations current?

Just noting too, xmlrpc can be attacked by Brute Force or DDoS. Jetpack protects against Brute Force. Your host will protect against DDoS.

You’ve mentioned that this is a DDoS attack, and also that your host provides DDoS protection. If this is a DDoS attack indeed, will they address it?

Can you confirm whether Jetpack Protect is enabled when you have xmlrpc.php named properly with Jetpack connected? – Yes enabled.

Also, are you WordPress and Jetpack installations current? – Yes using latest version.

You’ve mentioned that this is a DDoS attack, and also that your host provides DDoS protection. If this is a DDoS attack indeed, will they address it? :

OVH is Datacenter and they told me that they did’t get any DDOS on the server, so we can not do anything at the DDOS level 4 for server.
I checked by renaming xmlrpcphp to any other name and server load is 0.5 cpu. But If I name it properly xmlrpc.php then again server load goes 235 cpu. So, it proves that its a xmlrpc attack. So, what should be the method to solve? Because I can not run my websites under attack. If I rename xmlrpc then I need to remove jetpack because jetpack won’t work without xmlrpc. So please suggest me the solution.

That isn’t really anything we can help with, I’m sorry.

All we can confirm is that Jetpack requires xmlrpc.php to function, and that when active, Jetpack will protect xmlrpc.php against brute-force login attacks.

Jetpack was not designed to protect against any other type of direct attack, which is almost always the responsibility of your hosting provider.