someone remotely accessing xmlrpc.php

  • Hi,

    I have wassup installed on my site and today 3 different IP addresses have tried to access wordpress\xmlrpc.php

    Searching around it seems like this is something that used to be hacked into, but appears ok now.

    Can I just confirm this please? and out of interest what they may be trying to do?

    I’m not very technical with php etc so a lot of what I read I dont fully understand. A layman’s answer is good.

    Cheers
    Nick

Viewing 2 replies - 1 through 2 (of 2 total)

  • 3 different IP addresses have tried to access wordpress\xmlrpc.php

    Welcome to WWW. ?? I get dozens of hack attempts a day. Just make sure to harden your install.

    With respect to that plugin make sure you’re using the latest version. There was a vulnerability in an earlier version. A good place to keep an eye on plugin vulnerabilities is milw0rm.com. Type wordpress in the search engine.

    Moderator Samuel Wood (Otto)

    (@otto42)

    www.ads-software.com Admin

    xmlrpc.php is the programmatic interface to WordPress. It’s used by various programs to do various things on WP, including making posts and comments and such.

    As such, a lot of hackers attempt to use it to a) break in or b) to post stuff automatically after they break in through other means. Most of the time these hits are automated, scanners looking for any vulnerable sites that they can find.

    Generally, you don’t need to worry about it. Just keep WP up to date and you’ll have no issues on that front.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘someone remotely accessing xmlrpc.php’ is closed to new replies.