This document describes how to prevent WordPress Pingback attacks through the WAF Business and Enterprise editions.
What is a WordPress Pingback attack
WordPress is a blog platform developed using the PHP language, and pingback is a plug-in of WordPress. Hackers can use pingback to initiate WordPress Pingback attacks against the website.
After suffering from the WordPress attack, you can see a lot of requests with User-Agent containing WordPress and pingback on the server log.
As a variant of HTTP flood attack, WordPress Pingback attacks typically have the following symptoms: slow webpage loading, excessive server CPU consumption, response/data loss, and so on.
How to use WAF for defense
Note: The WordPress Pingback attack defense is only supported for the Business and Enterprise editions of WAF.
Log on to the WAF console, and access the Website Configuration page.
Locate the domain name for protection, and then click Policies under its Operation column.
Enable HTTP ACL Policy and click Settings.
Click Add Rule, and add the following access control rules respectively.
Block the access containing pingback in User-Agent.
- Rule name: wp1
- Matching field: User-Agent
- Logical operator: Includes
- Matching content: pingback
- Action: Block
Block the access containing WordPress in User-Agent.
- Rule name: wp2
- Matching field: User-Agent
- Logical operator: Includes
- Matching content: WordPress
- Action: Block
Note: You must add both the rules separately.