Hello everyone,
For some reason my webserver is bruteforcing itself, originating from it's external IP (not localhost).
Sadly all i see that it's bruteforcing on /xmlrpc.php and /wp-login.php
Since we are hosting 20+ wordpress sites, I have no idea which Wordpress site is causing these bruteforces since it coming from the webserver IP.
All websites are running Wordfence and haven't found any malware/virusses or anything so I really want to know what's causing it.
Any idea how i can see which site is being bruteforced by it's host?
For some reason my webserver is bruteforcing itself, originating from it's external IP (not localhost).
Sadly all i see that it's bruteforcing on /xmlrpc.php and /wp-login.php
Since we are hosting 20+ wordpress sites, I have no idea which Wordpress site is causing these bruteforces since it coming from the webserver IP.
All websites are running Wordfence and haven't found any malware/virusses or anything so I really want to know what's causing it.
Any idea how i can see which site is being bruteforced by it's host?