My own website is constantly hammering xmlrpc.php and generating 404 errors

  • Hello:

    I was looking through my 404 log file and noticed a very specific and recurring error. My own IP address (216.97.227.40) is continuously trying to access xmlrpc.php and getting a 404 error. The 404 error is good, since I do not want anyone to access that file since it is a common method of attack for hackers.

    However, why does my own website constantly try to access this file? The times of the file access seems to coordinate with me using my dashboard to edit blog posts. It generates hundreds of errors of this exact nature per hour, and they are only logged in the 404 log file. If I did not check the file I would have never seen it.

    When I checked my error_log, I also noticed this very strange error: PHP Fatal error: Allowed memory size of 33554432 bytes exhausted (tried to allocate 1633766 bytes) in wp-includes/wp-db.php on line 2821 Is this related?

    I only use a computer to access and edit my website, never via cellphone or anything else. I have never gotten any sort of obvious error when using my own dashboard or editing my posts or pages. What is going on?

    Is the post editor trying to access the xmlrpc.php file even though I am not logging in remotely? Is it possible one of my own plugins is trying to access the file? Or is something more insidious going on?

    Your help is greatly appreciated.
    Rebecca Wang
    https://www.psychedeliczen.com

    The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)

  • However, why does my own website constantly try to access this file?

    In my experience, not the same as yours, notes that your local device(s) may have been compromised, your passwords stolen and used. Change them and never use any passwords across sites.

    Review in full your own devices security.

    Thread Starter psychedeliczen

    (@psychedeliczen)

    Hello:

    Thank you for your reply. I will definitely update my security and change passwords.

    However, it is not my own local IP that is doing the hammering. It is the IP address of my website itself.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘My own website is constantly hammering xmlrpc.php and generating 404 errors’ is closed to new replies.