Title: Protecting xmlrpc.php
Last modified: August 31, 2016

---

# Protecting xmlrpc.php

 *  Resolved [toby1kenobi](https://wordpress.org/support/users/toby1kenobi/)
 * (@toby1kenobi)
 * [10 years, 4 months ago](https://wordpress.org/support/topic/protecting-xmlrpcphp/)
 * Hi there,
 *  We’re running our website on a very small AWS instance, behind the pound proxy(
   which directs HTTP traffic to varnish, HTTPS straight to Apache). We had a problem
   with with a handful of IPs repeatedly POSTing to xmlrpc.php, causing the instance
   to run out of memory. For the moment this has been stopped by rejecting those
   IPs using iptables, although obviously this isn’t a particularly resilient form
   of defence.
 *  Can Wordfence (free or premium) do anything ‘smart’ in a case like this?
 *  Thanks,
 * Toby
 * [https://wordpress.org/plugins/wordfence/](https://wordpress.org/plugins/wordfence/)

Viewing 3 replies - 1 through 3 (of 3 total)

 *  Thread Starter [toby1kenobi](https://wordpress.org/support/users/toby1kenobi/)
 * (@toby1kenobi)
 * [10 years, 4 months ago](https://wordpress.org/support/topic/protecting-xmlrpcphp/#post-6962110)
 * No?
 *  Plugin Author [WFMattR](https://wordpress.org/support/users/wfmattr/)
 * (@wfmattr)
 * [10 years, 4 months ago](https://wordpress.org/support/topic/protecting-xmlrpcphp/#post-6962221)
 * Hi,
 * Usually the POSTs on xmlrpc.php are malicious login attempts (assuming you don’t
   have real users using the xml-rpc interface), so you could decrease the “Lock
   out after how many login failures” option, so they are locked out faster.
 * If you use Wordfence’s Falcon caching, on Performance Setup on the Wordfence 
   menu, then IPs that are blocked within Wordfence will also be blocked using .
   htaccess for better performance during these attacks also.
 * If Apache is running out of memory, you might also need to adjust Apache’s MaxClients
   to a lower number. The site may still respond slowly when under attack, but if
   the OOM killer doesn’t kick in, it could be more stable. (With a typical linux
   installation, mysql is usually the first process to get killed when memory is
   low, which generally makes the problem worse!)
 * -Matt R
 *  Thread Starter [toby1kenobi](https://wordpress.org/support/users/toby1kenobi/)
 * (@toby1kenobi)
 * [10 years, 4 months ago](https://wordpress.org/support/topic/protecting-xmlrpcphp/#post-6962223)
 * Ok, thanks Matt, I’ll have a look at your suggested changes.

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Protecting xmlrpc.php’ is closed to new replies.

 * ![](https://ps.w.org/wordfence/assets/icon.svg?rev=2070865)
 * [Wordfence Security - Firewall, Malware Scan, and Login Security](https://wordpress.org/plugins/wordfence/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/wordfence/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/wordfence/)
 * [Active Topics](https://wordpress.org/support/plugin/wordfence/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/wordfence/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/wordfence/reviews/)

## Tags

 * [xmlrpc](https://wordpress.org/support/topic-tag/xmlrpc/)

 * 3 replies
 * 2 participants
 * Last reply from: [toby1kenobi](https://wordpress.org/support/users/toby1kenobi/)
 * Last activity: [10 years, 4 months ago](https://wordpress.org/support/topic/protecting-xmlrpcphp/#post-6962223)
 * Status: resolved