2 Oct
2014
2 Oct
'14
2:29 p.m.
On 2014-10-02 10:23 am, Jerry Geis wrote:
I just got SLAMMED with accessed to httpd from 91.230.121.156
I added the address to my firewall to drop it. FYI
host 91.230.121.156 156.121.230.91.in-addr.arpa domain name pointer no-rdns.offshorededicated.net.
Are you running Wordpress?
My company's Wordpress installation was getting hammered by an IP in the same netblock, yesterday...look in your httpd logs for repeated POST operations to xmlrpc.php.
--
Mike Burger
http://www.bubbanfriends.org
"It's always suicide-mission this, save-the-planet that. No one ever
just stops by to say 'hi' anymore." --Colonel Jack O'Neill, SG1