Disable XML-RPC Pingback

Description

Stops abuse of your site’s XML-RPC by simply removing some methods used by attackers. While you can use the rest of XML-RPC methods.

This is more friendly than disabling totally XML-RPC, that it’s needed by some plugins and apps (I.e. Mobile apps or some Jetpack’s modules).

Features

Removes the following methods from XML-RPC interface.

  • pingback.ping
  • pingback.extensions.getPingbacks

Also removes X-Pingback from HTTP headers. This will hopefully stops some bots from trying to hit your xmlrpc.php file.

Requirements

  • WordPress 3.8.1 or higher.

Reviews

Read all 11 reviews

Changelog

1.1

  • Added code to remove X-Pingback from HTTP headers as suggested by user https://wordpress.org/support/topic/remove-x-pingback-http-header

1.0

  • Initial release.

Contributors & Developers

This is open source software. The following people have contributed to this plugin.

Contributors

Browse the code