WordPress, one of the most popular content management systems in the world, is exposed to yet another vulnerability capable of bringing down an entire WordPress-powered system. With WordPress powering nearly 29% of the web, an unattended WordPress vulnerability has serious consequences for businesses and websites.
The WordPress DoS Vulnerability
Video Courtesy: baraktawily.blogspot.in
The above video is a proof of concept given by Tawily. In it, he creates a proof-of-concept (PoC) Python script, called doser.py, that can make many concurrent requests and take down a server.
How to Mitigate the WordPress DoS Flaw?
While WordPress refuses to acknowledge the flaw and believes that it should be mitigated at the server level, this vulnerability is simple enough to exploit and can bring down complete websites. Since 60 percent of CMSs worldwide are WordPress-based, the flaw ought to be taken seriously. It is highly advised to use a patched version of the CMS. If the WordPress website runs on a Linux machine, this bash script created by Tawily modifies the relevant files in order to mitigate the vulnerability.