Since few days, I noticed that my blog was attacked with XMLRPC method. It took relativly a long time to me to discover where the problem was. I restarted again and again my server PHP-FPM and Nginx.
I immediatly stop the attack by asking to NGINX to not accept anymore the address /xmlrpc.php. As it was enought to prevent the attack and because this was the same two servers in Russia which attack me, I finally drop the connections with IPTABLE.
It’s quite efficiency. a response with a flamethrower.
Once again, it’s not something in favor of WordPress.