stop XML-RPC Attacks

Secure your site’s XML-RPC by removing some methods, instead of disabling totally XML-RPC, which is needed by some plugins (eg. Jetpack) and some mobile apps.

Features

Removes the following methods from XML-RPC interface.

• system.multicall
• system.listMethods
• system.getCapabilities
• pingback.extensions.getPingbacks
• pingback.ping
• X-Pingback from HTTP headers

This is not perfect, but it will help prerventing attacks

Requirements

• WordPress 5.0 or higher.

Screenshots

Categories