ispconfig we high cpu load / stop brute force attacks against xmlrpc.php

I was searching for problem, based on debian virtual server and ispconfig. There was  high cpu load about 100%.

Finally were two problems. .xmlrrpc attack  found in apache log

cat /var/log/apache2/access.log

For fixing this issue just disable in .htaccess accessing file to attacker

nano  /var/www/ and

just add this line at the end of .htaccess

<Files xmlrpc.php>
order deny,allow
deny from all
allow from


you can allow it from known ip address and xx represents you ip address



on this virtual machine was also high cpu load because of plugin wp-security plugin

this verion of plugin due to error which requested writing some information into sql table made incredibly large error log

which is located based on ispconfig and debian 9 cat /var/www/

after probing log file a and discovering error and deleting plugin was all working perfectly.