Title: Sudden xmlrpc.php attack
Last modified: August 30, 2016

---

# Sudden xmlrpc.php attack

 *  Resolved [Daniela Lao](https://wordpress.org/support/users/daniela-lao/)
 * (@daniela-lao)
 * [10 years, 11 months ago](https://wordpress.org/support/topic/sudden-xmlrpcphp-attack/)
 * Hi,
 * I woke up this morning with a ton of visits to: [http://danielalao.com/xmlrpc.php](http://danielalao.com/xmlrpc.php)(
   Which doesn’t go anywhere).
 * I tried blocking the countries and networks but not sure if that’s helped at 
   all as it’s still happening…I missed a lot as I can’t keep up.
 * I also have Clef for added security so no login attempts luckily.
 * I don’t really know whats going on or why the sudden uptick in countries trying
   to access my site.
 * I would also like to set something custom with my Firewall settings as they are
   set to unlimited, I’m just not sure what to set them.

Viewing 3 replies - 1 through 3 (of 3 total)

 *  Thread Starter [Daniela Lao](https://wordpress.org/support/users/daniela-lao/)
 * (@daniela-lao)
 * [10 years, 11 months ago](https://wordpress.org/support/topic/sudden-xmlrpcphp-attack/#post-6245566)
 * I just contacted my host and they had me block all countries (minus the ones 
   I want to keep) through my .htaccess file which seems to have worked!
 *  Thread Starter [Daniela Lao](https://wordpress.org/support/users/daniela-lao/)
 * (@daniela-lao)
 * [10 years, 11 months ago](https://wordpress.org/support/topic/sudden-xmlrpcphp-attack/#post-6245674)
 * Strike that, now I can’t access my .htaccess anymore lol.
 * I still need to know if there is anything on the Wordfence side I can do to prevent
   sites in the US/Canada from trying to access [http://danielalao.com/xmlrpc.php](http://danielalao.com/xmlrpc.php),
   which I believe could be slowing my site down.
 *  [WFSupport](https://wordpress.org/support/users/wfsupport/)
 * (@wfsupport)
 * [10 years, 11 months ago](https://wordpress.org/support/topic/sudden-xmlrpcphp-attack/#post-6245817)
 * We had this option to block access to xmlrpc.php for a while but found it interfered
   with other wordpress functions (including remote publishing) and had to remove
   it. You can block by IP or networks to address the attacks.
 * tim

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Sudden xmlrpc.php attack’ is closed to new replies.

 * ![](https://ps.w.org/wordfence/assets/icon.svg?rev=2070865)
 * [Wordfence Security - Firewall, Malware Scan, and Login Security](https://wordpress.org/plugins/wordfence/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/wordfence/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/wordfence/)
 * [Active Topics](https://wordpress.org/support/plugin/wordfence/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/wordfence/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/wordfence/reviews/)

 * 3 replies
 * 2 participants
 * Last reply from: [WFSupport](https://wordpress.org/support/users/wfsupport/)
 * Last activity: [10 years, 11 months ago](https://wordpress.org/support/topic/sudden-xmlrpcphp-attack/#post-6245817)
 * Status: resolved