I was facing an issue with one of my WordPress sites. Suddenly my server went down, I receive a notification from JetPack saying your site is down and also, the database after an apache restart was down. I checked the server during this events and executing a top command showed me lots of httpd processes which obviously were the cause of the server to go down. I just disabled the site a couple of times, but today I decided to fix the problem.
I searched on the internet and someone gave me a clue. I should look into the apache access.log and boom! it was there, the site was hit at the same time by different IP addresses from the US, Netherlands, Germany, etc… someone was trying to hack my site!
In the access.log I saw that the target file was the xmlrpc.php file, my fix was too easy, I just restricted access to that file from apache like this…
<Files "xmlrpc.php"> Order Allow,Deny deny from all </Files>
Done! No one will be able to access that file anymore, so problem fixed!