Today I noticed we were getting a bunch of requests like this:
0-12 | 7976 | 0/527/1233 | _ | 1565.01 | 4 | 0 | 0.0 | 11.19 | 27.92 | 31.222.191.30 | eskimo.com:80 | POST /xmlrpc.php HTTP/1.0 |
These are brute-force attempts: the client repeatedly submits usernames and passwords to xmlrpc.php in WordPress to try to break into WordPress accounts.
To counter this, and to gain a number of other worthwhile security improvements in WordPress, I recommend installing the “All In One WP Security” security plug-in on your WordPress site. Then, in the WP Security settings under firewall, enable the option that blocks access to xmlrpc.php, unless you have a plugin that requires it. There are many other useful options in this plugin you may wish to enable as well.
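To see which clients are responsible before and after enabling the block, the following added example (not part of the original post) counts POSTs to xmlrpc.php per client IP across rows in the same pipe-delimited layout as the one quoted above. It assumes the last three fields of each row are client, virtual host and request line; the function names, threshold and sample rows are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample rows (documentation IPs, example.com); the leading columns
# are copied from the row quoted in the post and are ignored by the parser.
PREFIX = "0-12 | 7976 | 0/527/1233 | _ | 1565.01 | 4 | 0 | 0.0 | 11.19 | 27.92"
SAMPLE_REQUESTS = [
    ("192.0.2.10", "POST /xmlrpc.php HTTP/1.0"),
    ("192.0.2.10", "POST /xmlrpc.php HTTP/1.0"),
    ("192.0.2.10", "POST //xmlrpc.php?x=1 HTTP/1.0"),
    ("192.0.2.10", "POST /xmlrpc.php HTTP/1.0"),
    ("198.51.100.7", "POST /xmlrpc.php HTTP/1.1"),
    ("203.0.113.5", "GET /xmlrpc.php HTTP/1.1"),
    ("203.0.113.5", "POST /wp-comments-post.php HTTP/1.1"),
]
SAMPLE_ROWS = "\n".join(
    f"{PREFIX} | {ip} | example.com:80 | {req} |" for ip, req in SAMPLE_REQUESTS
)


def parse_row(row):
    """Return (client, method, path) from one row, or None if it does not parse."""
    fields = [f.strip() for f in row.strip().strip("|").split("|")]
    if len(fields) < 3:
        return None
    client, _vhost, request = fields[-3:]
    parts = request.split()
    if len(parts) < 2:
        return None
    # Drop the query string and collapse repeated slashes before comparing.
    path = re.sub(r"/+", "/", parts[1].split("?", 1)[0])
    return client, parts[0].upper(), path


def xmlrpc_posters(text, threshold=3):
    """Map client IP -> count of POSTs to xmlrpc.php, for clients at or above threshold."""
    hits = Counter()
    for row in text.splitlines():
        parsed = parse_row(row)
        # endswith() also matches WordPress installed in a subdirectory.
        if parsed and parsed[1] == "POST" and parsed[2].endswith("/xmlrpc.php"):
            hits[parsed[0]] += 1
    return {ip: n for ip, n in hits.items() if n >= threshold}


if __name__ == "__main__":
    for ip, n in xmlrpc_posters(SAMPLE_ROWS).items():
        print(f"{ip}: {n} POSTs to xmlrpc.php")
```

A client that still appears after the plugin's block is enabled is reaching xmlrpc.php through some path the rule does not cover, or a plugin exemption is in effect.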