WordPress.org

Forums

xmlrpc.php and security (7 posts)

  1. Cyndy Otty
    Member
    Posted 10 years ago #

    (I don't know where to put this, I'm sorry.)

    In my error logs today a specific IP was searching ALL OVER for this file - in what looks to me as the assumed possible installation folders (i.e. /wordpress, /postnuke, /tikiwiki, /weblog, /blog, etc.).

    I'm curious - what is this file? What does it do? (I'm sorry if this is a stupid/obvious question.) Should I be worried about security. I mean the file isn't exactly hidden - it's exactly where it would be expected to be when WP is installed in the root of a site.

  2. OperaManiac
    Member
    Posted 10 years ago #

    it is used to ping the sites which track the updates on your site if you tell them to... :-S

  3. Cyndy Otty
    Member
    Posted 10 years ago #

    Okie-day, but that doesn't so much answer my "should I be worried about security" question.

  4. James Huff
    Volunteer Moderator
    Posted 10 years ago #

    Should I be worried about security?

    No. Let the WP developers be concerned about security for you. They will release security updates accordingly.

  5. Cyndy Otty
    Member
    Posted 10 years ago #

    *salutes* Yessir, macmanx. :)

  6. whooami
    Member
    Posted 10 years ago #

    I beg to differ. All web site owners should be CONCERNED about security. Should you worry? Probably not. But a healthy concern is not a bad thing.

    After all, I do not let the car dealership worry about scheduling oil changes or tire rotations for my Jeep. It's my responsibility, not theirs.

  7. James Huff
    Volunteer Moderator
    Posted 10 years ago #

    I beg to differ. All web site owners should be CONCERNED about security. Should you worry? Probably not. But a healthy concern is not a bad thing.

    Good point, Whooami. Pro-active observation and response is usually a user's best defense.

Topic Closed

This topic has been closed to new replies.

About this Topic