説明
Stops abuse of your site’s XML-RPC by simply removing some methods used by attackers. While you can use the rest of XML-RPC methods.
This is more friendly than disabling totally XML-RPC, that it’s needed by some plugins and apps (I.e. Mobile apps or some Jetpack’s modules).
機能
Removes the following methods from XML-RPC interface.
- pingback.ping
- pingback.extensions.getPingbacks
- X-Pingback from HTTP headers. This will hopefully stops some bots from trying to hit your xmlrpc.php file.
要件
- WordPress 3.8.1 or higher.
インストール
- Extract the zip file and just drop the contents in the
wp-content/plugins/
directory of your WordPress installation (or install it directly from your dashboard) and then activate the plugin from Plugins page. - There’s not options page, simply install and activate.
評価
2020年10月3日
This broke my site, I had to revert to a backup on the server after installing it.
2017年1月20日
Gran trabajo Samuel, en combinación con algunas reglas de htaccess hace un trabajo fantástico.
2016年11月19日
Thank you for this free and great plugin.
2016年9月3日
Does what it says and this is what needed for a XMLRPC attacks.
Thanks.
2016年9月3日
I'm confused here... I see this plugin I've never heard of and I never installed... and the bad thing is; I can't remove it!
If this is a security plugin it sure doesn't behave like it!
It's behaviour is a no-go for me.
Update: My hosting provider admittd they have installed this plugin. But they never notified me. So now I'm giving a 5 star rating.
貢献者と開発者
変更履歴
1.2.1
- Minor changes to make code 100% compliant with WordPress Coding Standards.
1.2
- Added support for X-Pingback header removal in recent versions of WP.
1.1
- Added code to remove X-Pingback from HTTP headers as suggested by user https://wordpress.org/support/topic/remove-x-pingback-http-header
1.0
- 最初のリリース。