protect against wordpress xmlrpc.php exploit

goaccess has already paid off for me.  I have been checking it daily since I installed it and noticed that my most requested page was xmlrpc.php.  Tons of data was being POSTed to it.  After a quick search, I came across a tutorial for a brute-force attack to login to a wordpress site.

wordpress xmlrpc.php attack detection with goaccess
wordpress xmlrpc.php attack detection with goaccess

I immediately logged into my VPS and renamed my xmlrpc.php file, and the attacks stopped.  Thanks, goaccess.

Leave a Reply

Your email address will not be published. Required fields are marked *