xmlrpc.php – safe or do I really need it ? | WordPress.org

Resolved pete_398
(@pete_398)

9 years, 12 months ago

Getting many attempts to post to xmlrpc.php lately.

1. Is this file safe, or is there SQL injection vulnerability issues ?

2. I don’t use trackbacks or pingbacks, or whatever they are called. Nor do I have need of such. Therefore, can I simply remove xmlrpc.php without affecting the WP website ?

(Yes, if people try to access it, they will get 404’s; that’s okay)

Viewing 2 replies - 1 through 2 (of 2 total)

esmi
(@esmi)

9 years, 12 months ago

1. The file is safe and any security issues were patched a long time ago but the stoopid hackers haven’t cottoned on yet and still keep trying.

2. You should be able to rename the file without any problem but you’ll have to remember to do this again after every core update. It would better to consider using Cloudflare on your site to cut down on these quasi-attacks. It worked for me.

Thread Starter pete_398
(@pete_398)

9 years, 12 months ago

Okay, thanks for your advice. I will checkout Cloudfare.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘xmlrpc.php – safe or do I really need it ?’ is closed to new replies.

Tags

In: Fixing WordPress
2 replies
2 participants
Last reply from: pete_398
Last activity: 9 years, 12 months ago
Status: resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics