[ad_1]
https://preview.redd.it/0g805hs3bovc1.png?width=916&format=png&auto=webp&s=38fb77ea55ce4d11e0cdae69438ec1ffb35962b9
Hello all,
I noticed unusual activity on my server(higher resources were being used than usual) and after checking one of my sites that I host in a shared VPS (I host multiple sites in one VPS using CloudPanel), I noticed bunch of POST requests being sent by my server and couple other IPs.
I already tried scanning the site with Sucuri and nothing was found. I blocked couple of the IPs that seemed suspicious and added 403 redirect for the xml-rpc.
Any ideas what could be causing this issue?
Looks like putting the jobs on the system cron would help.
This is WordPress CRON (pseudo CRON) running background scheduled jobs. WordPress and many plugins use these and they should not be disabled.
You can set up server based CRON to trigger the processing on regular intervals, and disable WordPress pseudo CRON process.
admin-ajax.php is the Heartbeat API, which WP uses to extend user sessions while they’re active.
wp-cron.php is the scheduled tasks system in WP.
Both can be disabled if you’d like. For WP cron you need to replace it with a server cron process. Highly recommended if you can do it, it makes the WP admin UI much faster.