The #1 WordPress Gurus are at 1 WordPress
Got a Question?
Try our Facebook Support Page
WordPress xmlrpc.php hack attack
There is a major new hack against WordPress servers using the xmlrpc.php file with a brute force hack.
If your server is being hit by an xmlrpc.php attack for users using WordPress add the following snippet of code to each accounts WordPress directory “.htaccess” file in order to stop the attack, which is a common WordPress vulnerability:
<Files “xmlrpc.php”> Order Allow,Deny deny from all </Files>
If you disable xmlrpc.php with this command, you may have conflicts in some plug-ins and Jetpack.