Dear Lazyweb,

I have xmlrpc.php disabled, but the botnets love it. Is it safe to fail2ban an IP after a single hit? Or will that result in false positives from other WordPress internals trying to do something stupid?

It's impossible to find a coherent explanation of how it is used or why.


Tags: , ,

  • Previously