wordpress POST xmlrpc.php WTF ?

WordPress is widespread because it is such a good blogging platform, CMS, DMS and you-name-it. Unfortunately it means that it becomes the target of many spam and DoS attacks.

The one that is steaming right now it the one that fills your logs with this: wp.example.com - [04/Sep/2014:07:33:30 +0000] "POST /xmlrpc.php HTTP/1.0" 403 345 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)"<br /> wp.example.com - [04/Sep/2014:07:34:02 +0000] "POST /xmlrpc.php HTTP/1.1" 403 345 "-" "-"<br /> ...<br />

To block it, add this to your lighttpd.conf:
url.access-deny = ( "~", ".inc", "xmlrpc.php" )

and restart it:
service lighttpd restart