Is your WordPress site slow? XML-RPC could be under attack!

Recently, a WordPress site I manage was having serious downtime issues. Calling the site from a browser resulted in a lag time of many minutes!

Upon looking at the running processes on the server, the list contained multiple Apache processes, around 20, all running at around 20MB each. The maths comes in at 400MB of RAM being used for the Apache processes, and that was resulting in all the allocated server RAM, as well as 100% of the CPU, being consumed. This meant no new client connections were served.

Multiple hard reboots of the server did not solve the problem. The Apache processes were back almost as soon as the server came back up. This was fishy as that meant the connections were sustained in some manner.

On further inspection, it appeared that 18 of the Apache processes were connections from a single IP address and they were all requesting a single file – xmlrpc.php.

As it happens, this is quite a popular way to attack a website and crash it. Although I’m still looking for a long-term solution, in the short term I’ve blocked that IP. Another way to safeguard your site is to control access to xmlrpc.php via your .htaccess file. However, take care with this file as it can prove to be quite useful. More here – https://wordpress.org/support/topic/what-is-xml-rpc-good-for

I’ll post more when I have a real solution.

Update: The Wordfence site has some more information on XML-RPC as a security risk and how to disable it.
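The pattern described in this post, many requests for xmlrpc.php from a single IP address, can be spotted in the Apache access log. The script below is an added example, not code from the original post; it assumes the standard Apache common/combined log format, and the threshold of 10, the function names and the sample log lines (documentation-range IPs) are constructed for illustration.

```python
import re
from collections import Counter

# Apache common/combined log format: client IP, identity, user,
# [timestamp], "METHOD path protocol", status, ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)


def xmlrpc_hits_by_ip(lines):
    """Count requests for xmlrpc.php per client IP; unparseable lines are skipped."""
    hits = Counter()
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        # Drop any query string, then compare only the final path component
        # so /blog/xmlrpc.php counts but /xmlrpc.php.bak does not.
        path = m.group("path").split("?", 1)[0]
        if path.rsplit("/", 1)[-1].lower() == "xmlrpc.php":
            hits[m.group("ip")] += 1
    return hits


def flag_heavy_clients(lines, threshold=10):
    """Return (ip, count) pairs at or above the threshold, busiest first."""
    hits = xmlrpc_hits_by_ip(lines)
    flagged = [(ip, n) for ip, n in hits.items() if n >= threshold]
    return sorted(flagged, key=lambda pair: -pair[1])


# Constructed sample log: one client requesting xmlrpc.php 18 times,
# a normal visitor, and one malformed line.
SAMPLE = [
    f'203.0.113.7 - - [01/Jan/2000:10:00:{s:02d} +0000] '
    f'"POST /xmlrpc.php HTTP/1.1" 200 370 "-" "-"'
    for s in range(18)
] + [
    '198.51.100.20 - - [01/Jan/2000:10:01:00 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.20 - - [01/Jan/2000:10:01:05 +0000] "POST /xmlrpc.php?x=1 HTTP/1.1" 200 370 "-" "Mozilla/5.0"',
    '198.51.100.20 - - [01/Jan/2000:10:01:09 +0000] "GET /xmlrpc.php.bak HTTP/1.1" 404 210 "-" "Mozilla/5.0"',
    'this line is not in access-log format',
]

if __name__ == "__main__":
    for ip, count in flag_heavy_clients(SAMPLE):
        print(f"{ip} requested xmlrpc.php {count} times")
```

To run it against a real log, pass an open file object to `flag_heavy_clients` in place of `SAMPLE`; legitimate XML-RPC clients (mobile apps, Jetpack) will also appear in the counts, so review flagged addresses before blocking.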

JavaScript query string manipulation & a direwolf Game of Thrones t-shirt!

Some front-end development today using JavaScript to manipulate query strings for a WordPress template. Good fun all round!

A lovely Father’s Day gift from my sons – a t-shirt depicting the sigil of my favourite family in Game of Thrones: The direwolf head of the Stark family.

Find me on Instagram here

Keep your WordPress site secure

More and more websites are using WordPress as their back-end Content Management System due to its ease of use and excellent built-in search-engine-optimization.

However, as with all software, WordPress does have bugs that are exploited to wreak havoc on your site.

This blog article talks about upgrading your WordPress installation to ensure the latest security patches have been applied, and about the latest WordPress vulnerability.