Title: someone remotely accessing xmlrpc.php
Last modified: August 19, 2016

---

# someone remotely accessing xmlrpc.php

 *  [f10nick](https://wordpress.org/support/users/f10nick/)
 * (@f10nick)
 * [17 years, 3 months ago](https://wordpress.org/support/topic/someone-remotely-accessing-xmlrpcphp/)
 * Hi,
 * I have wassup installed on my site and today 3 different IP addresses have tried
   to access wordpress\xmlrpc.php
 * Searching around it seems like this is something that used to be hacked into,
   but appears ok now.
 * Can I just confirm this please? and out of interest what they may be trying to
   do?
 * I’m not very technical with php etc so a lot of what I read I dont fully understand.
   A layman’s answer is good.
 * Cheers
    Nick

Viewing 2 replies - 1 through 2 (of 2 total)

 *  [Len](https://wordpress.org/support/users/lenk/)
 * (@lenk)
 * [17 years, 3 months ago](https://wordpress.org/support/topic/someone-remotely-accessing-xmlrpcphp/#post-986870)
 * > 3 different IP addresses have tried to access wordpress\xmlrpc.php
 * Welcome to WWW. 🙂 I get dozens of hack attempts a day. Just make sure to [harden your install](http://codex.wordpress.org/Hardening_WordPress).
 * With respect to that plugin make sure you’re using the latest version. There 
   was a vulnerability in an earlier version. A good place to keep an eye on plugin
   vulnerabilities is milw0rm.com. Type wordpress in the search engine.
 *  Moderator [Samuel Wood (Otto)](https://wordpress.org/support/users/otto42/)
 * (@otto42)
 * WordPress.org Admin
 * [17 years, 3 months ago](https://wordpress.org/support/topic/someone-remotely-accessing-xmlrpcphp/#post-986872)
 * xmlrpc.php is the programmatic interface to WordPress. It’s used by various programs
   to do various things on WP, including making posts and comments and such.
 * As such, a lot of hackers attempt to use it to a) break in or b) to post stuff
   automatically after they break in through other means. Most of the time these
   hits are automated, scanners looking for any vulnerable sites that they can find.
 * Generally, you don’t need to worry about it. Just keep WP up to date and you’ll
   have no issues on that front.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘someone remotely accessing xmlrpc.php’ is closed to new replies.

## Tags

 * [xmlrpc.php](https://wordpress.org/support/topic-tag/xmlrpc-php/)

 * In: [Everything else WordPress](https://wordpress.org/support/forum/miscellaneous/)
 * 2 replies
 * 3 participants
 * Last reply from: [Samuel Wood (Otto)](https://wordpress.org/support/users/otto42/)
 * Last activity: [17 years, 3 months ago](https://wordpress.org/support/topic/someone-remotely-accessing-xmlrpcphp/#post-986872)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics