Today I noticed we were getting a bunch of requests like this:

0-12

7976

0/527/1233

_

1565.01

4

0

0.0

11.19

27.92

31.222.191.30

eskimo.com:80

POST /xmlrpc.php HTTP/1.0

     What these are is a hack that attempts to bash usernames and passwords against xmlrpc.php in WordPress to try to hack WordPress accounts.

     To counter this, and generally afford a number of other worthwhile security improvements in WordPress, I recommend installing the “All In One WP Security” security plug-in on your WordPress site and in the WP Security settings under firewall, enable block access to xmlrpc.php unless you have a plugin that requires this.  There are many other useful options in this plugin you may wish to enable as well.