Question

xmlrpc.php attack on a non-wordpress droplet

Looks like my server is being hammered by this xmlrpc.php attack. But I’m not even running wordpress, I’m trying a Flask framework so it’s all 404s. Should I just ignore it or could it possibly be lagging my droplet?

Subscribe
Share

I recommend reading a couple of excellent articles on the subject :

  1. How To Protect WordPress with Fail2Ban on Ubuntu 14.04 https://www.digitalocean.com/community/tutorials/how-to-protect-wordpress-with-fail2ban-on-ubuntu-14-04

  2. Block WordPress xmlprc.php DDOS attacks using Fail2Ban https://rbgeek.wordpress.com/2014/09/11/block-wordpress-xmlprc-php-ddos-attacks-using-fail2ban/

Rod


Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

If the file doesn’t exist, you don’t have anything to worry about it doing anything. Returning a 404 vs a 403 isn’t really going to make a difference, and you can’t stop them from trying.