Stop XML-RPC Attacks

རྩོམ་པ་པོ། Pascal CESCATO

ཞིབ་བརྗོད།

Stop XML-RPC Attacks protects your WordPress site from XML-RPC brute force attacks, DDoS attempts, and reconnaissance probes while maintaining compatibility with essential services like Jetpack and WooCommerce.

Features:

Three security modes: Full Disable, Guest Disable, or Selective Blocking
Blocks dangerous methods: system.multicall, pingback.ping, and more
Compatible with Jetpack and WooCommerce
Optional user enumeration blocking
Attack logging for monitoring
Zero configuration required – works out of the box
Clean, intuitive admin interface

སྒྲིག་འཇུག

Upload the plugin files to /wp-content/plugins/stop-xmlrpc-attacks/
Activate the plugin through the ‘Plugins’ menu in WordPress
Go to Settings > XML-RPC Security to configure (optional)

FAQ

Will this break Jetpack?

No! The default “Selective Blocking” mode is fully compatible with Jetpack and WooCommerce.

What’s the difference between the security modes?

Full Disable: Maximum security, disables XML-RPC completely
Guest Disable: Balanced approach, only allows XML-RPC for logged-in users
Selective Blocking: Best compatibility, only blocks dangerous methods

How do I enable logging?

Go to Settings > XML-RPC Security and check “Enable Attack Logging”. Logs will be written to your debug.log file when WP_DEBUG is enabled.

གདེང་འཇོག

Anonymous User 16344271 2022 ལོའི་ཟླ 9 ཚེས 24 ཉིན། 1 reply

Nice plugin thanks

Sandip Roy 2022 ལོའི་ཟླ 2 ཚེས 21 ཉིན།

It works silently in the background. This is the only security plugin I use, since a W***fence update broke my site about a year back. Gives me a peace of mind.