According to security research firm, Securi, more than 162,000 WordPress sites are used in a distributed denial of service attack. Usually, machines or compromised websites are used to facilitate a DDoS attack but this time, hackers use clean WordPress sites via XML-RPC
XML-RPC is used in WordPRess as an API for third-party clients like WordPress mobile apps, weblog clients, and plugins. XML-RPC is used for pingbacks and trackbacks which is a good thing but usually, heavily misused to start a DDos Attack.
In this post, we’ll show you how to prevent WordPress from participating in a DDoS attack.
Read the rest of the post here: http://wptavern.com/how-to-prevent-wordpress-from-participating-in-pingback-denial-of-service-attacks