This is a quick way to deny an ip address accessing your nginx server.
Create a new file in /etc/nginx/conf.d called blockips.conf
Add the following to the file:
deny <bad ip>;
Then restart nginx. The log file will now show 403′s for the IP address.
For more info see:
In March there was a DDOS attack that used many (160,000) wordpress sites to flood other websites. This was done because wordpress now has xml-rpc on by define.
It is possible to turn off xml-rpc using a plugin.
This adds a filter without the need of editing your own pages.
For more info on the attack see: