WordPress.org

Plugin Directory

Disable XML-RPC Pingback

Stops abuse of your site's XML-RPC by simply removing some methods used by attackers. While you can use the rest of XML-RPC methods.

Stops abuse of your site's XML-RPC by simply removing some methods used by attackers. While you can use the rest of XML-RPC methods.

This is more friendly than disabling totally XML-RPC, that it's needed by some plugins and apps (I.e. Mobile apps or some Jetpack's modules).

Features

Removes the following methods from XML-RPC interface.

  • pingback.ping
  • pingback.extensions.getPingbacks

Also removes X-Pingback from HTTP headers. This will hopefully stops some bots from trying to hit your xmlrpc.php file.

Requirements

  • WordPress 3.8.1 or higher.

Requires: 3.8.1 or higher
Compatible up to: 4.4.2
Last Updated: 2 weeks ago
Active Installs: 40,000+

Ratings

3.9 out of 5 stars

Support

1 of 2 support threads in the last two months have been marked resolved.

Got something to say? Need help?

Compatibility

+
=
Not enough data

0 people say it works.
0 people say it's broken.

0,1,0
100,1,1
100,1,1
100,1,1
0,1,0