Disabling WordPress XML-RPC and Banning Offenders With fail2ban

This isn’t something new. SANS ISC reported on this 2 years ago. The bad guys love anything that can be used in a reflection DoS and the WordPress XML-RPC functionality is a prime candidate. There are various ways to disable it, through WordPress plugins for example, or by hacking away at code. All of these are fine if you’re in control over what gets installed on the web server. In a shared

Virtual Hosting With mod_proxy

The other day I had someone ask if there’s a nice solution to the following problem: Multiple web development virtual machines but only one external IP address. The quick solution is to port forward on different ports to each virtual machine. For example 81 goes to VM1, 82 goes to VM2, 83 goes to VM3 etc. Which granted, would work, but isn’t a “neat” solution. Using mod_proxy under Apache is