WordPress XML-RPC Attack
The main reason of running the attack usually to get backlinks. It is possible to push a bad post with other methods of hacking WordPress. Those IP related instances are kid in front of bigger powerful servers. Probably we are too good for those who never deserve the kindness. We should check the MySQL log for the last commands/queries ran on it :
If we had not faked as “we are not aware”, we could not collect many data. In very short, unless you check the Nginx access log, Error log, MySQL log; unless the PHP5-FPM Error is arriving – it will be a typical Nginx-PHP5-FPM Error with a moron like link towards Nginx’s website for checking log. When you will try to flush the cache manually or access the admin area – you’ll face the white page of Nginx declaring error. You’ll think that possibly you have wrong configuration of PHP5-FPM or there is issue with resource. You can give a 16GB server to face and increase the PHP memory to 50% of it – it will die sooner, exactly like a 4GB server.
There are some methods to block these pingback request, but many of them needs development / server knowledge , but i just tell you some methods .
Just rename or delete xmlrpc.php
in this way bot does not find the file but your server is being attacked with the IPs.
Second and Better One.
Just find IP through Servers access.log and access.log.1 if have.
Copy the IP’s list
put all ip’s
and then restart your server.