• Resolved Jozga

    (@jozga)


    Hi,

    I have a site that is getting hit repeatedly on the XMLRPC.php file, this has happened before and I’ve just blocked the IPs that have done it, but this time it seems to be 4 times from an IP then on to another. It causes quite high server load but not enough to bring the server down.

    The problem is that if I use the XMLRPC code provided then my server load is still high due to serving the bulletproof/403 page over and over.

    If I delete or rename the file then my server load is high for all the 404 requests.

    I’ve tried a block xmlrpc plugin, but it had no effect.

    The only thing I have found that works is redirecting all requests in the htaccess to a fake IP – 0.0.0.0 which seems better, but is there a better way of doing this? I can’t figure it out.

    https://www.ads-software.com/plugins/bulletproof-security/

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author AITpro

    (@aitpro)

    Handling 403 and 404 errors should not normally cause any significant server load increases so what you need to look at is why handling 403 and 404 errors are causing a significant server load increase on your server. I am taking a guess here, but if you have mod_security installed or something else installed/configured that is already handling errors then what could be happening is something like an infinite redirect loop, which would cause a significant resource drain. Use the BPS XML-RPC bonus custom code and then check your server logs for any errors that are occurring and post some of them here. Don’t post your entire server log file or the WP mods will just delete an excessive amount of log entries/posted content.

    BPS uses the ErrorDocument directive for 403 errors which is a redirect to the 403.php template file.
    By default WordPress redirects 404 errors to a theme’s 404.php template file. BPS also uses ErrorDocument to redirect to your theme’s 404.php template file.

    Plugin Author AITpro

    (@aitpro)

    If it turns out that either your server or something else installed/configured on your server is already handling error logging then the simple solution is just to turn Off BPS Security Logging. When you need to do troubleshooting you would turn On BPS Security Logging and then turn it Off again after you are done troubleshooting.

    Plugin Author AITpro

    (@aitpro)

    It’s been several days since this thread was created. Is this issue/problem resolved? If so, please resolve this thread. If not, please post any additional relevant information.

    Thread Starter Jozga

    (@jozga)

    Sorry, I’d been taking time over studying the results. It seems like the problem is completely resolved by using the bonus XML-RPC code but turning off BPS Logging.

    Plugin Author AITpro

    (@aitpro)

    I guess I need to not use the “It’s been X since this thread was created”. The purpose for that was that when you look at old threads the time line is all lumped together (ie 2 months ago, 1 year ago) so it looks like we are badgering folks to resolve threads. ?? Since we are monitoring threads daily then we completely understand that folks are doing other things. The goal is just to send a friendly email reminder. We will think of another way to “date” threads. Thanks for resolving this thread.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘XMLRPC trouble’ is closed to new replies.