ཞིབ་བརྗོད།
Secure your site’s XML-RPC by removing some methods, instead of disabling totally XML-RPC, which is needed by some plugins (eg. Jetpack) and some mobile apps.
Features
Removes the following methods from XML-RPC interface.
- system.multicall
- system.listMethods
- system.getCapabilities
- pingback.extensions.getPingbacks
- pingback.ping
- X-Pingback from HTTP headers
This is not perfect, but it will help prerventing attacks
Requirements
- WordPress 5.0 or higher.
སྒྲིག་འཇུག
- Extract the zip file and just drop the contents in the
wp-content/plugins/directory of your WordPress installation or install it directly from your dashboard and then activate the plugin from Plugins page. - There’s not options page, simply install and activate.
FAQ
-
Is there something to do after install?
-
Yes, just activate it!
-
I already have a security plugin, do I need this plugin too?
-
It depends on your security plugin. Some secure XML-RPC, some just allow you to enable or disable it, some can stop attacks as Stop XML-RPC Attacks does. So you may have to read your security plugin FAQ / doc.
གདེང་འཇོག
བྱས་རྗེས་འཇོག་མཁན། & གསར་འབྱེད་པ།
“stop XML-RPC Attacks” is open source software. The following people have contributed to this plugin.
བྱས་རྗེས་འཇོག་མཁན།
“stop XML-RPC Attacks” has been translated into 2 locales. Thank you to the translators for their contributions.
ཁྱེད་ཀྱི་སྐད་ཡིག་ནང་ལ་ “stop XML-RPC Attacks” ཡིག་སྒྱུར་བྱོས།
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
དག་བཅོས་ཉིན་ཐོ།
1.0
- Initial release