Title: Solution to xmlrpc.php vulnerability
Last modified: August 21, 2016

---

# Solution to xmlrpc.php vulnerability

 *  [WayneSmallman](https://wordpress.org/support/users/waynesmallman/)
 * (@waynesmallman)
 * [12 years, 8 months ago](https://wordpress.org/support/topic/solution-to-xmlrpcphp-vulnerability/)
 * Hi guys, I’m presently being bled dry of bandwidth by some one / some thing that’s
   trying to make use of the “xmlrpc.php” file, which — incidentally — no longer
   exists.
 * I’ve been in discussion with the host:
 * > “There are two issues here, it appears to be vulnerability scanning looking
   > for xmlrpc.php and the redirects performed by WordPress. The vulnerability 
   > has been removed but the WordPress 404 redirect is still loading your website,
   > i.e. using bandwidth.”
 * Sadly, all I’m able to say is that I may be using 3.2 or above, since I cannot
   sign in to see which it is, due to the lack of bandwidth.
 * At this point, I have zero idea how to stop this, so any advice would be much
   appreciated.

Viewing 2 replies - 1 through 2 (of 2 total)

 *  [wpismypuppet](https://wordpress.org/support/users/wordpressismypuppet/)
 * (@wordpressismypuppet)
 * [12 years, 8 months ago](https://wordpress.org/support/topic/solution-to-xmlrpcphp-vulnerability/#post-3970490)
 * If you have access to your .htaccess file, then this solution might help:
 * [http://perishablepress.com/wordpress-xmlrpc-pingback-vulnerability/](http://perishablepress.com/wordpress-xmlrpc-pingback-vulnerability/)
 *  Thread Starter [WayneSmallman](https://wordpress.org/support/users/waynesmallman/)
 * (@waynesmallman)
 * [12 years, 8 months ago](https://wordpress.org/support/topic/solution-to-xmlrpcphp-vulnerability/#post-3970550)
 * Thanks, I’ll give it a try. But I have the feeling this might not work, given
   that it doesn’t prevent the visit in the first place, which is what’s absorbing
   all of my bandwidth.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Solution to xmlrpc.php vulnerability’ is closed to new replies.

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 2 replies
 * 2 participants
 * Last reply from: [WayneSmallman](https://wordpress.org/support/users/waynesmallman/)
 * Last activity: [12 years, 8 months ago](https://wordpress.org/support/topic/solution-to-xmlrpcphp-vulnerability/#post-3970550)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics