Title: Hit by an xmlrpc.php attack
Last modified: August 22, 2016

---

# Hit by an xmlrpc.php attack

 *  [3dpc](https://wordpress.org/support/users/3dpc/)
 * (@3dpc)
 * [11 years, 5 months ago](https://wordpress.org/support/topic/hit-by-an-xmlrpcphp-attack/)
 * Hi,
 * My website was recently attacked with an xmlrpc.php attack.
 * So far I’ve done the following things to improve the website security:
    – Updated
   all WordPress, plugins and the theme to the latest versions. – Installed [Login Security Solution](https://wordpress.org/plugins/login-security-solution/)(
   supposed to rate-limit both wp-login.php and XML-RPC)
 * I [read here](https://wordpress.org/support/topic/resolving-xmlrpcphp-ddos-attack-with-htaccess-redirect?replies=8)
   that implementing the following piece of code in my .htaccess file would be helpful,
   can someone confirm this?:
    RewriteRule ^xmlrpc\.php$ “http\:\/\/0\.0\.0\.0\/”[
   R=301,L]
 * What else can I do to improve the security of my website and avoid getting hit
   with an xmlrpc.php attack again?
 * Thanks,
    3dpc

Viewing 1 replies (of 1 total)

 *  Thread Starter [3dpc](https://wordpress.org/support/users/3dpc/)
 * (@3dpc)
 * [11 years, 5 months ago](https://wordpress.org/support/topic/hit-by-an-xmlrpcphp-attack/#post-5662396)
 * At another blog post I read that I could implement this code snippet in the .
   htaccess file. Any ideas which is best to implement?
 * <Files xmlrpc.php>
    Order allow,deny Deny from all </Files>
 * [http://antti.vilpponen.net/2013/08/26/how-to-mitigate-a-wordpress-xmlrpc-php-attack/](http://antti.vilpponen.net/2013/08/26/how-to-mitigate-a-wordpress-xmlrpc-php-attack/)

Viewing 1 replies (of 1 total)

The topic ‘Hit by an xmlrpc.php attack’ is closed to new replies.

## Tags

 * [xml](https://wordpress.org/support/topic-tag/xml/)
 * [xmlrpc](https://wordpress.org/support/topic-tag/xmlrpc/)

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 1 reply
 * 1 participant
 * Last reply from: [3dpc](https://wordpress.org/support/users/3dpc/)
 * Last activity: [11 years, 5 months ago](https://wordpress.org/support/topic/hit-by-an-xmlrpcphp-attack/#post-5662396)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics