Following our post on Saturday morning about XML-RPC brute force attacks, we noticed some confusion in the comments about whether or not it’s a good idea to disable XML-RPC on your site.To clear this up we’ve posted …
Even though the email I received reported so, I was busy on last weekend and I didn’t have to care to check my blog so I ignore it, hoping that I was one of luck ones. On Monday I checked with Wordfence Live Traffic. Guess what.
There were so many attempts to login my blog account. This is called brute force attack.
I blocked all the IP — about 30 on Monday night. I was very happy when I’ve done all of them that tried to attack my account.
But also Tuesday and Wednesday I was STILL blocking all the IP addresses who attempted to log in. They never figured out to log in yet, but I felt maybe it didn’t worth having blog, I would just quit.
I was very happy to change my blog “theme” just a couple days before these attacks. Maybe something do with this theme? Or I have plug-ins that has defect? Our two other WordPress sites were safe.
Anyway forget about internet, I said to myself and started to clean up all over the house. I kept cleaning for 3-4 days. Wow, I got rid of many things and found some things. But right now my room is messier than before : )
This is one of the things I found!