Support » Plugin: Disable XML-RPC-API » Allowable IP Addresses written into .htaccess?

  • Resolved Unsu

    (@unsu)


    I have your plugin used on many sites, and it cut my brute force attacks down by 100%, so have been very happy.

    I noticed on one site today my htaccess file was modified with 10 entries of ‘Allow from xxx.xxx.xxx.xxx/32’ inside the DS-XML-RPC-API <Files>.

    I didn’t whitelist any IPs in the settings. I don’t see these allowed IPS on any other site htaccess files with this plugin.

    Were these added maliciously, should I be concerned? Thanks!

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author Amin Nazemi

    (@aminnz)

    Hello, @unsu
    In the last update, we added some new features one of them is allowing Jetpack to access your XML-RPC by whitelisting the main Jetpack ip’s.
    You don’t need to worry, but if you don’t use Jetpack on your website, you can turn off this feature in the plugin settings.

    Thread Starter Unsu

    (@unsu)

    Excellent – thank you for your work.

Viewing 2 replies - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.