What is'wp-json/tdw/save_css' and what it is doing in my website visitors log hitting the website every minute for days. How this is related to that my main site and wp-admin page cannot be open. "Error 503 Service Unavailable", an issue causing very high (98%) CPU in cPanel. Any suggestions of what to do?
1 Answer
It appears to be an attempt to use a known vulnerability in the tagDiv Composer plugin (used in a couple of tagDiv themes. Read the linked article for more details.
Note: If you think your WordPress site has been hacked, start here:https://wordpress.org/documentation/article/faq-my-site-was-hacked/
If you're using the tagDiv plugin or theme, make sure it's all up to date. If you're not using any of it, you might be able to stop the flood of attempts with a rule in your site's .htaccess file:
RewriteCond %{REQUEST_URI} ^/wp-json/tdw/.*$ [NC] RewriteRule ^.*$ - [F,L] Note: This .htaccess code is untested and you should test it in a non-production environment before you put it into production.
