WordPress.org

Plugin Directory

Disable XML-RPC Pingback

Stops abuse of your site's XML-RPC by simply removing some methods used by attackers. While you can use the rest of XML-RPC methods.

Stops abuse of your site's XML-RPC by simply removing some methods used by attackers. While you can use the rest of XML-RPC methods.

This is more friendly than disabling totally XML-RPC, that it's needed by some plugins and apps (I.e. Mobile apps or some Jetpack's modules).

Features

Removes the following methods from XML-RPC interface.

  • pingback.ping
  • pingback.extensions.getPingbacks

Also removes X-Pingback from HTTP headers. This will hopefully stops some bots from trying to hit your xmlrpc.php file.

Requirements

  • WordPress 3.8.1 or higher.

Requires: 3.8.1 or higher
Compatible up to: 4.2.3
Last Updated: 2015-5-2
Active Installs: 30,000+

Ratings

4.3 out of 5 stars

Support

Got something to say? Need help?

Compatibility

+
=
Not enough data

1 person says it works.
0 people say it's broken.

0,1,0
100,1,1
100,1,1
100,1,1