New WordPress Hack – Amplified Brute-Force Attacks

This new hack allows brute-force attacks using only a few requests: a single request can carry multiple password attempts. This fools normal protections that count login attempts per second. The good news is that it's easily fixed. Simply rename or remove the xmlrpc.php file in the WordPress root directory. Most of the time your site won't need this file. If it does, the other solution is to block XML-RPC requests by adding the following to your .htaccess file.

# Deny all web requests to xmlrpc.php
<Files xmlrpc.php>
Order Deny,Allow
Deny from all
</Files>
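One way to confirm the block is really in place, as an added example that is not part of the original post: this Python check reads .htaccess text and reports whether xmlrpc.php is denied, recognising both the Order/Deny form above and the Apache 2.4 `Require all denied` form. The function names and the sample fragments are constructed for illustration.

```python
import re

# <Files ...> / <FilesMatch ...> sections: capture kind, argument and body.
SECTION = re.compile(r'<(Files|FilesMatch)\s+"?([^">]+)"?\s*>(.*?)</\1>', re.I | re.S)
DENY = re.compile(r'^\s*(Deny\s+from\s+all|Require\s+all\s+denied)\s*$', re.I | re.M)
ALLOW = re.compile(r'^\s*(Allow\s+from|Require\s+(ip|host|all\s+granted))\b', re.I | re.M)

def covers_xmlrpc(kind, arg):
    """True if the section's file argument applies to xmlrpc.php."""
    if kind.lower() == "filesmatch":          # argument is a regular expression
        try:
            return re.search(arg, "xmlrpc.php") is not None
        except re.error:
            return False
    return arg.strip().lower() == "xmlrpc.php"

def xmlrpc_status(htaccess_text):
    """Return 'blocked', 'partial' (deny with allow exceptions) or 'open'."""
    active = "\n".join(line for line in htaccess_text.splitlines()
                       if not line.lstrip().startswith("#"))   # ignore comments
    for kind, arg, body in SECTION.findall(active):
        if covers_xmlrpc(kind, arg) and DENY.search(body):
            return "partial" if ALLOW.search(body) else "blocked"
    return "open"

# Constructed sample .htaccess fragments (not taken from any real site).
SAMPLES = {
    "apache22": "<Files xmlrpc.php>\nOrder Deny,Allow\nDeny from all\n</Files>",
    "apache24": '<FilesMatch "^xmlrpc\\.php$">\nRequire all denied\n</FilesMatch>',
    # Directives broken across lines are not a valid deny rule.
    "split_directive": "<Files xmlrpc.php>\norder deny,\nallow deny from all\n</Files>",
    "exception": "<Files xmlrpc.php>\nOrder Deny,Allow\nDeny from all\n"
                 "Allow from 203.0.113.10\n</Files>",
    "commented": "# <Files xmlrpc.php>\n# Deny from all\n# </Files>",
}

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        print(f"{name:16} {xmlrpc_status(text)}")
```

This is a static check of the file only: .htaccess rules apply only where the server's AllowOverride setting permits them, so a 403 response when requesting xmlrpc.php is the final confirmation.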



Posted date: 30th May 2018
General Help and Tips - Business Websites