Secure your site's XML-RPC by removing some methods, while you can still use XML-RPC.
| Author: | Pascal CESCATO (profile at wordpress.org) |
| WordPress version required: | 5.0 |
| WordPress version tested: | 6.4.1 |
| Plugin version: | 1.0.1 |
| Added to WordPress repository: | 26-04-2019 |
| Last updated: | 18-11-2023 |
| Rating, %: | 100 |
| Rated by: | 4 |
| Plugin URI: | |
| Total downloads: | 16 677 |
| Active installs: | 6 000+ |
 Click to start download |
|
Secure your site’s XML-RPC by removing some methods, instead of disabling totally XML-RPC, which is needed by some plugins (eg. Jetpack) and some mobile apps.
Features
Removes the following methods from XML-RPC interface.
- system.multicall
- system.listMethods
- system.getCapabilities
- pingback.extensions.getPingbacks
- pingback.ping
- X-Pingback from HTTP headers
This is not perfect, but it will help prerventing attacks
Requirements
- WordPress 5.0 or higher.
FAQ
ChangeLog