So i was made aware that a site on my server was getting hundreds of thousands of requests per day, so i checked the access log out.
I found literally thousands of lines of the below:
103.67.235.89 - - [18/Oct/2017:06:27:26 +0100] "GET /plugin-notices.php HTTP/1.0" 301 576 "-" "-"
198.71.228.64 - - [18/Oct/2017:06:27:26 +0100] "GET /plugin-notices.php HTTP/1.0" 200 3964 "-" "-"
150.95.105.161 - - [18/Oct/2017:06:27:26 +0100] "GET /plugin-notices.php HTTP/1.0" 200 3964 "-" "-"
77.72.1.34 - - [18/Oct/2017:06:27:26 +0100] "GET /plugin-notices.php HTTP/1.0" 301 576 "-" "-"
93.174.127.11 - - [18/Oct/2017:06:27:26 +0100] "GET /plugin-notices.php HTTP/1.0" 301 576 "-" "-"
77.72.1.34 - - [18/Oct/2017:06:27:26 +0100] "GET /plugin-notices.php HTTP/1.0" 200 3964 "-" "-"
103.4.213.6 - - [18/Oct/2017:06:27:26 +0100] "GET /plugin-notices.php HTTP/1.0" 301 576 "-" "-"
Is this normal for a WordPress install? Or am i getting hacked?
Is there a way to prevent this. They all seem to be HTTP 1.0 requests which i have already blocked via .htaccess, so not quite sure what is going on?