16 {{ upvoteCount | shortNum }}
16 {{ upvoteCount | shortNum }}

Visits to /wp-admin/admin-ajax.php

by BenFromSoMo
9 replies
I have been getting visits to that address on my WP site every three minutes for the last day or so. What is going on here?
#visits
  • Profile picture of the author PeachCoding
    My guess would be that it sounds like a malicious source is trying to post admin changes to your WP using the ajax side. If you have the IP address and you are using a WHM/Cpanel account you can block them by adding their IP to the blocklist of cPHulk in the WHM panel.

    Otherwise you can contact your hosting company and have them block the IP address using your hosting account's firewall.
    Signature

    Services offered: PSD to Wordpress, Joomla, Drupal Templates or Full Site, Custom PHP or C# Programming, Fix problems on any software, and more.

    You will get 25% OFF all services by mentioning the Warrior Forum. PM me here or email me to ivanphp404@gmail.com if interested and/or if you have questions.

    {{ DiscussionBoard.errors[3943368].message }}
  • Profile picture of the author BenFromSoMo
    It's showing up as my own IP address.
    Signature

    If you do any kind of blogging and want to try the next big thing, PM me.

    {{ DiscussionBoard.errors[3943758].message }}
    • Profile picture of the author vulcanscripts
      Then I wouldn't worry about it. If it's your IP then it's just hits the ajax script is getting from your own general use of WP. As it's an ajax script you don't have to visit it directly for the hits to get recorded which I suspect is why you're confused? Stop worrying! There's no cause for concern.
      Signature
      Live Track Mobile Spy - Android Spy Software
      Postcode Palâ„¢       - Geo Datasets for GB, NI, CI and the Isle of Man
      {{ DiscussionBoard.errors[3944002].message }}
  • Profile picture of the author BenFromSoMo
    Okay. I guess I won't be too worried. But what is the reason this has started showing up? It has consistantly had a hit every three minutes non stop whether or not I was logged in or doing anything. I'm just curious as to how this has started. The worst part is that it is throwing off my visitor stats so much.
    Signature

    If you do any kind of blogging and want to try the next big thing, PM me.

    {{ DiscussionBoard.errors[3944069].message }}
    • Profile picture of the author vulcanscripts
      How many hits are we talking about? If you're not logged in and you're still getting hits from your IP then I would be a little concerned. Do the hits still get registered if you're not connected to the internet? I would be a little concerned about the possibility of you having some form of malware on your machine. Unless of course you're referring to the IP of your server? In that case admin-ajax.php gets called and polled to update new posts and things. The more users that are online the more it gets polled too. If you take a look at the source code in "p2/inc/js.php" around line 96 you will find var updateRate = "30000";. If you increase that number, the update polling and thus subsequent hits will reduce, but so will any updates displayed to your visitors etc. If that is the cause I would just ignore the hits in your stats package and just leave it alone. You know where the hits are coming from so why should it matter?
      Signature
      Live Track Mobile Spy - Android Spy Software
      Postcode Palâ„¢       - Geo Datasets for GB, NI, CI and the Isle of Man
      {{ DiscussionBoard.errors[3944399].message }}
  • Profile picture of the author BenFromSoMo
    Ok I turned off my internet and they went away and came back when I turned it back on, so I guess it is indeed some kind of Malware. Where do I go from here? I have been a Mac user all my life but now have a PC so I am a bit of a n00b with this kind of stuff.
    Signature

    If you do any kind of blogging and want to try the next big thing, PM me.

    {{ DiscussionBoard.errors[3945231].message }}
    • Profile picture of the author vulcanscripts
      Do the hits go away when you just close down your internet browser? I would suggest installing some good light weight AV software like AVG. There's also a great free app called Hijack This available from: uk.trendmicro dot com/uk/products/personal/free-tools-and-services/ If you run that and pm me a copy of the log it produces I maybe able to point you in the right direction.

      P.S. Sorry for the dot com in my post. I haven't hit 15 posts yet so can't post links!
      Signature
      Live Track Mobile Spy - Android Spy Software
      Postcode Palâ„¢       - Geo Datasets for GB, NI, CI and the Isle of Man
      {{ DiscussionBoard.errors[3945743].message }}
  • Profile picture of the author BenFromSoMo
    Thanks so much Vulcan.
    Signature

    If you do any kind of blogging and want to try the next big thing, PM me.

    {{ DiscussionBoard.errors[3946137].message }}
  • Profile picture of the author SteveJohnson
    You probably don't have any kind of malware (well - maybe you do, but that's not the issue here)

    There are a lot of admin functions that load admin-ajax.php, and a couple of popular plugins, including the Related Posts plugin.

    Make sure your WP is up to date (currently 3.1.2). There is a fix in the latest versions of WP that short-circuit the file load process if there isn't a reason to load it.

    And a hit on admin-ajax.php shouldn't affect your visitor stats at all.
    Signature

    The 2nd Amendment, 1789 - The Original Homeland Security.

    Gun control means never having to say, "I missed you."

    {{ DiscussionBoard.errors[3956021].message }}

Trending Topics