WordPress Hack

By | September 20, 2020

Hackers first try and access the users database at: /wp-json/wp/v2/users/. If successful you next see repeated attempts to log on to the site, reflected in hits on /wp-login.php & /xmlrpc.php. This is what a WordPress brute force attack looks like:

As you can see these hits come from all over the world: