Link: Protecting Your WordPress Blog From XML-RPC Brute Force Amplification Attacks

16 Oct 2015

From Protecting Your WordPress Blog From XML-RPC Brute Force Amplification Attacks:

To summarize, attackers are taking advantage of a vulnerability in WordPress’s XML-RPC system.multicall method which effectively allows them to issue hundreds of login attempts with a single request. To put it another way, this is an extreme case of brute forcing logins in an attempt to determine your administrative user credentials.

Validate the change as suggested from a comment of the above link (xml-rpc should be disabled):

You can check if XML-RPC is enabled on your site with this tool

Wavether

Link: Protecting Your WordPress Blog From XML-RPC Brute Force Amplification Attacks

Related Posts

Find out battery health by inspecting macOS battery data 29 Dec 2017

Import qcow2 images into AWS 13 Nov 2016

Using Packet Filter (pf) firewall to block outgoing traffic on macOS 09 Nov 2016