xmlrpc.php is used to attack the website

  • I am not sure if I am explaining this the right way.

    My Hosting company locked my websites up, and when I contacted them, they said, “we are seeing attacks on the web space, using the xmlrpc.php file you got in there.” and then they also showed the access log where it was being hit several times from one IP.

    Now they want me to remove the file, so I can continue to host my website with them.

    What exactly is the problem ? is it fixed in wp 1.5.2 ?
    Please let me know what I should do.
    Thanks.

Viewing 3 replies - 1 through 3 (of 3 total)

  • If you are not running 1.5.2 then yes, there are risks.
    Upgrade !

    Thread Starter sadish

    (@sadish)

    Thanks Podz.
    I Upgraded !

    Good job on upgrading ?? Its worth mentioning that upgrading fills the hole but wont neccessarily keep people from trying. All of the various xml-rpc problems are well documented and scripts, exploit checkers are readily available. Your host may or may not see a decrease in attempts to exploit a security issue.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘xmlrpc.php is used to attack the website’ is closed to new replies.