I have a frustrating issue with a site hosted on Wordpress. Every now and again - and seemingly at random - I will get a message saying "Resource Limit Is Reached - The website is temporarily unable to service your request as it exceeded resource limit. Please try again later" when I try and visit my site or dashboard.
My hosting company identified the problem as being excessive requests for the file 'xmlrpc.php' (over a quarter of a million a day from some IPs). A bit of Googling
reveals that it's some kind of attempted hack and the file in question is usually used by Wordpress for remote access via apps, etc. In their words: "After some digging around, it seems that the xmlrpc.php file is only utilised by the remote post feature in WordPress such as sending e-mails / text messages and having WordPress automatically post these as new posts."
It's already slightly beyond my technical comprehension, but they kindly blocked the IPs in question. Of course, the problem returned a couple of times. I installed a plugin
and renamed the file in question and as was well for a weeks. Until this evening.
Has anyone else encountered this problem? My tech guy also said "Alternatively, it looks as though all of these SPAM "bots" are utilising MSIE 7.0 as their useragent, you could also look at blocking this within your .htaccess although this would prove ineffective if they changed this / used another user agent. It would also block any legitimate users using Internet Explorer 7.0 as their browser which whilst it's 4 versions out of date, no date some people are still using it." How do I do that?