WordPress.org

Ready to get started?Download WordPress

Forums

[resolved] mysterious outgoing links from /wp-includes/class-wp-xmlrpc-server.php:5383 (2 posts)

  1. guenni
    Member
    Posted 1 year ago #

    hello,

    hope, I'm in the right sub-forum. I have searched the site and also the internet without success - hope, I will got a hint here.

    My problem:

    I'm running WordPress 3.5.1 with default theme "WordPress Default"

    A few days ago I installed a plug-in Snitch, written from Sergej Müller. Snitch records outgoing links and is also able to block unwanted links.

    Now I find a lot blocked communication entries from core module

    /wp-includes/class-wp-xmlrpc-server.php (line 5383)

    see image here

    to URLs like luisvouittonbags.com, driverregistration.com, yoursexdrive.com and so on. All thouse URLs are not from my blog.

    First my impression was, that the blog may be hacked - but I checked my blog and also the themes with different plug-ins and externals tools - without any result.

    I've deactivated all plug-ins, to isolation the source of my problem - but the entries are still recorded.

    Then I have reinstallaed WordPress 3.5.1 twice, to be sure, that the php code is intact. I also inspected class-wp-amlrpc-serve.php without success.

    Now I'm out of ideas what goes on. Therefore some questions:

    - any idea what the intention of the outgoing links mentioned above?
    My impression: could it be, that WP installations will be misused as a spam link seeder?
    - is it possible, that XMLRPC interface is called from the web?

    - what can I do to catch the cause of this issue?

    thx

  2. guenni
    Member
    Posted 1 year ago #

    Solved this issue. I've had a look into the log files and found, the mysterious URLs belongs to attempts, to add spam trackback and comment entries.

Topic Closed

This topic has been closed to new replies.

About this Topic