xmlrpc.php attacks continue after file is deleted?

  • Some of my wordpress sites have been under attack from some time now. Thankfully my hosting provider has robust firewall safety so I can safely read about these attacks whilst my sites remain secure. However, the number of attacks grew to such an extent for two of my sites I completely removed the xmlrpc.php file, and adjusted the header settings to reflect that ping-back did not form part of the wordpress set up.
    Anybody got any idea as to why the attacks are still being launched against a non-existant file?

Viewing 2 replies - 1 through 2 (of 2 total)
  • Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    Because the attacks are automated via a script that doesn’t check or care if the attack works or not. Or even if the file exists or not.

    Thread Starter foxsch

    (@foxsch)

    OK ~ Thanks.

    Still a bit worrying, but let’s hope the script is equally deficient in effectiveness!

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘xmlrpc.php attacks continue after file is deleted?’ is closed to new replies.