xmlrpc attacts

  • Hello,

    Looking at my logs, I’ve noticed several strange pages showing up, all incluind xmlrpc. For example, /tonyeaton/xmlrpc.php and lesbianmomteen/xmlrpc.php.

    I’m upgraded to 3.0.3 and some of these showed up very recently. I’m also using WordPress in the multisite mode.

    I’ve been very diligent in blocking and deleting spam signups and blogs.

    Any idea what these strange links are telling me and how I can squash them?

Viewing 3 replies - 1 through 3 (of 3 total)

  • Probably someone probing your site trying to look for older versions.

    Thread Starter mmcomber

    (@mmcomber)

    One of them hit me 16,000 times. Some probing!

    This was a big issue about five years ago, right? And the last two WP upgrades were to address some similar vulnerabiilties?

    Probably similar, though hard to know with out seeing what attacks they were attempting.

    In general launching this type of probe doesn’t cost much, so they fire them off in mass in hopes of getting a single hit. Not uncommon for non-WordPress sites to be hit with these same probes looking for old versions of WP.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘xmlrpc attacts’ is closed to new replies.

Tags