This topic describes how to prevent WordPress Pingback attacks with Alibaba Cloud WAF.

What is a WordPress Pingback attack

WordPress is a blog platform developed in PHP, and pingback is a plug-in of WordPress. Attackers can use pingback to launch WordPress Pingback attacks against a website.
After a WordPress Pingback attack, the server log shows a large number of requests whose User-Agent contains WordPress and pingback.

As a variant of the HTTP flood attack, a WordPress Pingback attack typically causes symptoms such as slow webpage loading, excessive server CPU consumption, and response or data loss.

How to use WAF for defense

  1. Log on to the Web Application Firewall console.
  2. Go to the Management > Website Configuration page.
  3. Locate the domain name to be configured and click Policies.
  4. Enable HTTP ACL Policy, and click Settings.
  5. Click Add Rule and add each of the following two access control rules.
    • Block requests whose User-Agent contains pingback.
      • Rule name: wp1
      • Matching field: User-Agent
      • Logical operator: Includes
      • Matching content: pingback
      • Action: Block
    • Block requests whose User-Agent contains WordPress.
      • Rule name: wp2
      • Matching field: User-Agent
      • Logical operator: Includes
      • Matching content: WordPress
      • Action: Block
    Note: You must add the two rules separately.
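
The server-log check described above, as an added example (not part of the original topic and not Alibaba Cloud tooling): it applies the same two substring conditions as rules wp1 and wp2 to access-log lines, so you can see how many requests each rule would match before setting the action to Block. It assumes Combined Log Format and a case-sensitive Includes match; the sample log lines are constructed.

```python
import re
from collections import Counter

# Rule name -> substring, taken from the two WAF rules on this page.
# Assumption: "Includes" is a case-sensitive substring match.
RULES = {"wp1": "pingback", "wp2": "WordPress"}

# Combined Log Format: ip - - [time] "request" status bytes "referer" "user-agent"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)

# Constructed sample log lines (documentation IP ranges, made-up hosts).
SAMPLE_LOG = """\
198.51.100.7 - - [01/Jan/2024:10:00:01 +0000] "GET / HTTP/1.0" 200 5120 "-" "WordPress/4.9; http://blog-a.example; verifying pingback from 203.0.113.9"
198.51.100.8 - - [01/Jan/2024:10:00:01 +0000] "GET /?r=81 HTTP/1.0" 200 5120 "-" "WordPress/5.1; http://blog-b.example; verifying pingback from 203.0.113.9"
192.0.2.44 - - [01/Jan/2024:10:00:02 +0000] "GET /about HTTP/1.1" 200 2048 "-" "Mozilla/5.0 (X11; Linux x86_64)"
198.51.100.9 - - [01/Jan/2024:10:00:02 +0000] "POST /wp-cron.php HTTP/1.1" 200 0 "-" "WordPress/6.4; https://shop.example"
not a log line
"""

def matching_rules(user_agent):
    """Return names of the rules whose substring occurs in the User-Agent."""
    return [name for name, needle in RULES.items() if needle in user_agent]

def summarize(log_text):
    """Count parsed requests, per-rule hits, matched requests and source IPs."""
    total = blocked = skipped = 0
    hits, sources = Counter(), Counter()
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            skipped += 1  # unparseable line: count it, do not guess
            continue
        total += 1
        matched = matching_rules(m["ua"])
        if matched:
            blocked += 1
            sources[m["ip"]] += 1
            hits.update(matched)
    return {"total": total, "blocked": blocked, "skipped": skipped,
            "hits": dict(hits), "sources": dict(sources)}

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```

In the sample, the `/wp-cron.php` request matches wp2 without being a pingback, so review the wp2 hits in your own logs before enabling the rule.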