Denying access to /xmlrpc.php on a WordPress website

Today I noticed that my WordPress website consumes 30% CPU.

I took a look at the logs:

tail -f /var/log/nginx/slogpost.access.log
212.30.37.222 - - [27/Jan/2025:21:42:55 +0300] "POST //xmlrpc.php HTTP/1.1" 200 451 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
212.30.37.222 - - [27/Jan/2025:21:42:55 +0300] "POST //xmlrpc.php HTTP/1.1" 200 451 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
212.30.37.222 - - [27/Jan/2025:21:42:55 +0300] "POST //xmlrpc.php HTTP/1.1" 200 451 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
212.30.37.222 - - [27/Jan/2025:21:42:56 +0300] "POST //xmlrpc.php HTTP/1.1" 200 451 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
212.30.37.222 - - [27/Jan/2025:21:42:56 +0300] "POST //xmlrpc.php HTTP/1.1" 200 451 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"

and added the following to /etc/nginx/sites-available/slogpost:

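        # Exact match; nginx merges duplicate slashes by default, so //xmlrpc.php is covered too.
        location = /xmlrpc.php {
            deny all;
            access_log off;       # blocked requests are no longer written to the access log
            log_not_found off;
            return 403;           # respond 403 without passing the request to PHP
        }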
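
To see which clients are generating the XML-RPC load, the script below counts POST requests to xmlrpc.php per client IP. It is an added example, not part of the original post, and it normalizes `//xmlrpc.php` to `/xmlrpc.php` the same way nginx does before matching the location. The function names and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarise XML-RPC POST traffic per client from an nginx
# "combined" access log read on stdin. Output: "<count> <ip>", busiest first.
xmlrpc_hits() {
    awk '
    {
        # In the combined format the request line is the first quoted field.
        n = split($0, q, "\"")
        if (n < 3) next                     # malformed line, skip it
        m = split(q[2], req, " ")
        if (m < 2 || req[1] != "POST") next
        path = req[2]
        sub("[?].*$", "", path)             # drop any query string
        gsub("/+", "/", path)               # //xmlrpc.php -> /xmlrpc.php
        if (path == "/xmlrpc.php") hits[$1]++
    }
    END { for (ip in hits) print hits[ip], ip }
    ' | sort -k1,1nr -k2,2
}

# Constructed sample lines (documentation address ranges), not taken from the page.
sample_log() {
    cat <<'EOF'
203.0.113.7 - - [27/Jan/2025:21:42:55 +0300] "POST //xmlrpc.php HTTP/1.1" 200 451 "-" "Mozilla/5.0"
203.0.113.7 - - [27/Jan/2025:21:42:55 +0300] "POST //xmlrpc.php HTTP/1.1" 200 451 "-" "Mozilla/5.0"
203.0.113.7 - - [27/Jan/2025:21:42:56 +0300] "POST /xmlrpc.php HTTP/1.1" 200 451 "-" "Mozilla/5.0"
198.51.100.20 - - [27/Jan/2025:21:43:01 +0300] "POST /xmlrpc.php?rsd HTTP/1.1" 200 451 "-" "Mozilla/5.0"
198.51.100.20 - - [27/Jan/2025:21:43:02 +0300] "GET /xmlrpc.php HTTP/1.1" 405 42 "-" "Mozilla/5.0"
192.0.2.44 - - [27/Jan/2025:21:43:05 +0300] "POST /wp-login.php HTTP/1.1" 200 3012 "-" "Mozilla/5.0"
192.0.2.44 - - [27/Jan/2025:21:43:06 +0300] "GET /blog/xmlrpc.php-notes/ HTTP/1.1" 200 9120 "-" "Mozilla/5.0"
EOF
}

# Demo on the sample; on a server, pipe the real access log into xmlrpc_hits.
sample_log | xmlrpc_hits
```

Run it over log entries written before the location block was added: with `access_log off` in that block, blocked requests no longer appear in the access log.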
