Secure your site's XML-RPC by removing some methods, while you can still use XML-RPC.
Author: | Pascal CESCATO (profile at wordpress.org) |
WordPress version required: | 5.0 |
WordPress version tested: | 6.4.1 |
Plugin version: | 1.0.1 |
Added to WordPress repository: | 26-04-2019 |
Last updated: | 18-11-2023 |
Rating, %: | 100 |
Rated by: | 4 |
Plugin URI: | |
Total downloads: | 16 677 |
Active installs: | 6 000+ |
Click to start download |
Secure your site’s XML-RPC by removing some methods, instead of disabling totally XML-RPC, which is needed by some plugins (eg. Jetpack) and some mobile apps.
Features
Removes the following methods from XML-RPC interface.
- system.multicall
- system.listMethods
- system.getCapabilities
- pingback.extensions.getPingbacks
- pingback.ping
- X-Pingback from HTTP headers
This is not perfect, but it will help prerventing attacks
Requirements
- WordPress 5.0 or higher.
FAQ
ChangeLog