[Tutorial] How to block XMLRPC.php in OLS

go to server conf → log

set Log Level to DEBUG

set Debug Level to HIGH

and this moment is confusing:

RewriteCond %{SERVER_ADDR} !^123\.123\.123\.123
RewriteRule wp-cron.php$ - [F,L]

Why does it give 403 if I request /wp-cron.php?doing_cron
but it doesn’t restrict access if I request just /wp-cron.php?

Yes, yes. Exactly like this:

go to server conf → log
set Log Level to DEBUG
set Debug Level to HIGH

you can combine the server addr with request uri in rewrite cond, so you can get rid of wp-cron.php in rewrite rule

Please can you show an example? And thanks for your time and patience :)

RewriteCond %{REMOTE_ADDR} !^123\.123\.123\.123
RewriteCond %{REQUEST_URI} xmlrpc.php|wp-cron.php [NC]
RewriteRule .* - [F,L]

something like this

this means, if request url is wp-cron or xmlrpc, and client ip is not 123.123.123.123, then 403

is {SERVER_ADDR} possible here instead of {REMOTE_ADDR}?

https://httpd.apache.org/docs/current/mod/mod_rewrite.html#rewritecond

you need to check this doc first

server addr is the server itself

when a request is made to a page, it is always a remote addr, even if it is from 127.0.0.1 or the server's own public/private ip
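
The distinction explained above, modelled as an added example (not part of the original thread and not OpenLiteSpeed's code): a small Python stand-in for RewriteCond evaluation, showing that a SERVER_ADDR condition gives the same answer to every client while a REMOTE_ADDR condition depends on who is asking. The addresses are constructed documentation-range values, 203.0.113.5 stands in for the thread's 123.123.123.123, and the anchored patterns are an assumed tightening for a WordPress install at the site root.

```python
import re

def cond(value, pattern, nocase=False):
    """One RewriteCond: unanchored regex search; a leading '!' negates it."""
    negate = pattern.startswith("!")
    regex = pattern[1:] if negate else pattern
    hit = re.search(regex, value, re.IGNORECASE if nocase else 0) is not None
    return hit != negate

def forbidden(conds, request):
    """RewriteCond lines are ANDed; when all hold, 'RewriteRule .* - [F,L]' gives 403."""
    return all(cond(request[var], pat, nc) for var, pat, nc in conds)

def request(client, uri, server="198.51.100.7"):
    """Constructed request; the addresses are documentation-range samples."""
    return {"REMOTE_ADDR": client, "SERVER_ADDR": server, "REQUEST_URI": uri}

URI_LOOSE = ("REQUEST_URI", r"xmlrpc.php|wp-cron.php", True)      # as posted
URI_STRICT = ("REQUEST_URI", r"^/(xmlrpc|wp-cron)\.php$", True)   # site-root install assumed

# 203.0.113.5 stands in for the thread's 123.123.123.123 placeholder.
BY_CLIENT = [("REMOTE_ADDR", r"!^203\.0\.113\.5", False), URI_LOOSE]
BY_SERVER = [("SERVER_ADDR", r"!^203\.0\.113\.5", False), URI_LOOSE]
ANCHORED = [("REMOTE_ADDR", r"!^203\.0\.113\.5$", False), URI_STRICT]

if __name__ == "__main__":
    cases = [("203.0.113.5", "/xmlrpc.php"),               # allowed client
             ("198.51.100.20", "/xmlrpc.php"),             # any other client
             ("203.0.113.55", "/wp-cron.php"),             # shares the unanchored prefix
             ("198.51.100.20", "/notes-on-xmlrpc-php/")]   # unrelated page
    for client, uri in cases:
        r = request(client, uri)
        print(f"{client:14} {uri:24}",
              "by_client=%s by_server=%s anchored=%s" % tuple(
                  403 if forbidden(rs, r) else 200
                  for rs in (BY_CLIENT, BY_SERVER, ANCHORED)))
```

With the unanchored patterns, 203.0.113.55 passes as if it were 203.0.113.5 and /notes-on-xmlrpc-php/ is answered with 403; the anchored variant does neither.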

Ok, you are tired of me )) I will try to recognize these admin’s hieroglyphs :)
Thanks for your help!

Ok, got it. Thank you.

not sure what you mean by tired of you or hieroglyphs? so far I have been typing/writing in the Standard English alphabet, maybe not perfect in grammar as it’s not my native language.

basically when you want to do some condition check on rewritecond, you need to understand what it is checking against

No, no, I don’t want to offend you in any way! Instead I’m very grateful to you for your help. I just meant that things like this one: Documentation: Apache HTTP Server - The Apache HTTP Server Project
are a kind of hieroglyphs for me.

yeah well, the first time I read it, it was also like “hieroglyphs”

you just need to slow it down, read it line by line, it will sink in : )

Oh, things got weirder:

RewriteCond %{REMOTE_ADDR} !^127\.0\.0\.1
RewriteCond %{REQUEST_URI} wp-cron.php|xmlrpc.php [NC]
RewriteRule .* - [F,L]

xmlrpc.php - shows 403
wp-cron.php - white page, as usual

And why do this? After all, sooner or later hackers will discover another vulnerability that can be exploited.

@alinabeen said:

And why do this? After all, sooner or later hackers will discover another vulnerability that can be exploited.

yeah, why use any software? sooner or later, hackers will discover another vul that can be exploited