xmlrpc.php and security

  • Cyndy Otty

    (@ceo)


    20 years, 7 months ago

    (I don’t know where to put this, I’m sorry.)

    In my error logs today a specific IP was searching ALL OVER for this file – in what looks to me as the assumed possible installation folders (i.e. /wordpress, /postnuke, /tikiwiki, /weblog, /blog, etc.).

    I’m curious – what is this file? What does it do? (I’m sorry if this is a stupid/obvious question.) Should I be worried about security. I mean the file isn’t exactly hidden – it’s exactly where it would be expected to be when WP is installed in the root of a site.

Viewing 6 replies - 1 through 6 (of 6 total)
  • Sushubh

    (@sushubh)

    20 years, 7 months ago

    it is used to ping the sites which track the updates on your site if you tell them to… :-S

    Thread Starter Cyndy Otty

    (@ceo)

    20 years, 7 months ago

    Okie-day, but that doesn’t so much answer my “should I be worried about security” question.

    Moderator James Huff

    (@macmanx)

    20 years, 7 months ago

    Should I be worried about security?

    No. Let the WP developers be concerned about security for you. They will release security updates accordingly.

    Thread Starter Cyndy Otty

    (@ceo)

    20 years, 7 months ago

    *salutes* Yessir, macmanx. 🙂

    whooami

    (@whooami)

    20 years, 7 months ago

    I beg to differ. All web site owners should be CONCERNED about security. Should you worry? Probably not. But a healthy concern is not a bad thing.

    After all, I do not let the car dealership worry about scheduling oil changes or tire rotations for my Jeep. It’s my responsibility, not theirs.

    Moderator James Huff

    (@macmanx)

    20 years, 7 months ago

    I beg to differ. All web site owners should be CONCERNED about security. Should you worry? Probably not. But a healthy concern is not a bad thing.

    Good point, Whooami. Pro-active observation and response is usually a user’s best defense.

Viewing 6 replies - 1 through 6 (of 6 total)

The topic ‘xmlrpc.php and security’ is closed to new replies.

Tags