Why I am seeing too many hits in "xmlrpc.php" in my wordpress website?


WordPress XML-RPC functionality is mostly not used and it's one of the most common causes for Wordpress exploits. If you see many hits to xmlrpc.php file, it could be a possible attempt to hack your Wordpress website.

VPS and Dedicated server :

Check from which IP addresses are the POST requests coming. If the requests come from one IP address, that IP address can be blocked in server to stop the attack. The access log of the domain can be checked to see from which IP addresses are the POST requests coming.

You may refer the following link to view access log of a domain from Plesk control panel :

http://kb.bytehouse.co.uk/content/13/202/en/steps-to-view-access-log-for-a-domain-from-plesk.html

You can refer the steps in following link to block IP address(s) from Plesk control panel.

http://kb.bytehouse.co.uk/content/4/203/en/steps-to-block-ip-address-from-plesk-for-vps-and-dedicated-server.html

Alternatively, you may contact your developer and remove the xmlrpc.php file if it not required or add a rule in .htaccess file of domain's web directory to block access to xmlrpc.php file.

Shared server :

You may check with your developer and remove the xmlrpc.php file if it not required. Or add a rule in .htaccess file of domain's web directory to block access to xmlrpc.php file.

Last update:
2014-10-22 03:43
Author:
Sherin George
Revision:
1.0
Average rating:0 (0 Votes)

You cannot comment on this entry

Chuck Norris has counted to infinity. Twice.

Records in this category

Tags

top