Plugin Reviews

Secure XML-RPC

More secure wrapper for the WordPress XML-RPC interface.

1 review
Average Rating
3 out of 5 stars
You are currently viewing the reviews that provided a rating of 5 stars. Click here to see all reviews.
Must have when using WordPress XMLRPC API
By , for WP 3.9.2

In general, it's good that the WordPress XMLRPC API is enabled per default in order to allow more integrated Web platforms and software, but the username/password authentication mechanism makes a WordPress installation very vulnerable to brute force and dictionary attacks, and even primitive network sniffing if HTTPS isn't used. Hashing a private authentication key as provided with this plugin should be a minimum requirement for any use of WordPress XMLRPC and is very important to prevent easy take-over of user accounts.

You must log in to submit a review. You can also log in or register using the form near the top of this page.