Website redirect to xmlrpc | WordPress.org

Resolved mbnocx
(@mbnocx)

12 years, 8 months ago

Does this plugin add the following redirect into cPanel for the site the blog is installed on?

/(.*)/xmlrpc\.php$

I noticed this redirect on the website I have for my WP blog. I have never added this myself and I am not sure what or who did. I want to rule out All in One WP Security or hopefully get a confirmation that this is normal.

Thanks!

http://wordpress.org/plugins/all-in-one-wp-security-and-firewall/

Viewing 2 replies - 1 through 2 (of 2 total)

mra13
(@mra13)

12 years, 8 months ago

If you enable the pingback vulnerability firewall in the settings of this plugin then it will add a rule in the .htaccess file to disable access to that fiel.

I am not sure what you mean by redirection into cPanel though.
Thread Starter mbnocx
(@mbnocx)

12 years, 8 months ago
Thanks for the response mra13. Yes, this does appear to be something from this plugin.

What I mean by the cPanel note is that when I login to my cPanel at my hosting company, go to ‘Addon Domains’ and look at the domain that my WP blog is installed on, it has a redirection to the following command/file/entry (whatever this is):

/(.*)/xmlrpc\.php$

I also went to cPanel, then to ‘Redirects’ and it shows that all of my domains have a 403 redirection going to this same string:

/(.*)/xmlrpc\.php$

I find this exact same string in my .htaccess file which leads me to believe this is all normal behavior. Since I was not sure, and I was a bit concerned my site and/or my cPanel login were hacked, I wanted to make sure.
```
#AIOWPS_BASIC_HTACCESS_RULES_END
#AIOWPS_PINGBACK_HTACCESS_RULES_START
<IfModule mod_alias.c>
RedirectMatch 403 /(.*)/xmlrpc\.php$
</IfModule>
```

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Website redirect to xmlrpc’ is closed to new replies.

2 replies
2 participants
Last reply from: mbnocx
Last activity: 12 years, 8 months ago
Status: resolved