Jul 10, 2017
The past couple of weeks I noticed that the MySQL service on my server would routinely stop out of the blue. At first I suspected that it was because my 512MB RAM wasn’t enough but when I looked at the usage history, I never peaked more than 9%. I even tried reinstalling the MySQL server which worked at first but then it stopped running again.
However, I think the problem was due to bots trying to log into my WordPress dashboard. One thread I was reading suggested xmlrpc attacks were bringing WordPress down. When I looked at my logs, there was a dozen of attempted logins.
There are multiple solutions for this, mainly blocling xmlrpc but since I use third party apps that rely on xmlrpc, I didn’t want to block it entirely. Jetpack was another solution which is what I eventually opted for.
I’ve been wary of installing Jetpack, mostly due to the fact my server is not that great and I was worried about space and memory consumption. However, it does have a feature to block malicious xmlrpc login attempts that I desparately needed.
It’s only been two days now (as of writing this) and I already see that Jetpack has blocked over 25 login attempts. Now this doesn’t protect me from other attacks and on other sites on this server but at leaat I have that out of the way.