Stops abuse of your site’s XML-RPC by simply removing some methods used by attackers. While you can use the rest of XML-RPC methods.
This is more friendly than disabling totally XML-RPC, that it’s needed by some plugins and apps (I.e. Mobile apps or some Jetpack’s modules).
Removes the following methods from XML-RPC interface.
Also removes X-Pingback from HTTP headers. This will hopefully stops some bots from trying to hit your xmlrpc.php file.
- WordPress 3.8.1 or higher.
- Extract the zip file and just drop the contents in the
wp-content/plugins/directory of your WordPress installation (or install it directly from your dashboard) and then activate the plugin from Plugins page.
- There’s not options page, simply install and activate.
Gran trabajo Samuel, en combinación con algunas reglas de htaccess hace un trabajo fantástico.
Thank you for this free and great plugin.
Does what it says and this is what needed for a XMLRPC attacks.
I’m confused here… I see this plugin I’ve never heard of and I never installed… and the bad thing is; I can’t remove it!
If this is a security plugin it sure doesn’t behave like it!
It’s behaviour is a no-go for me.
Update: My hosting provider admittd they have installed this plugin. But they never notified me. So now I’m giving a 5 star rating.
Contributors & Developers
“Disable XML-RPC Pingback” is open source software. The following people have contributed to this plugin.Contributors
Interested in development?
- Added code to remove X-Pingback from HTTP headers as suggested by user https://wordpress.org/support/topic/remove-x-pingback-http-header
- Initial release.