説明
You can now disable XML-RPC to avoid Brute force attack for given IPs or can even enable access for some IPs. XML-RPC on WordPress is actually an API that gives developers who build mobile apps, desktop apps and other services, the ability to talk to a WordPress site. The XML-RPC API that WordPress provides gives developers, a way to write applications (for you) that can do many of the things that you can do when logged into WordPress via the web interface.
Features
Block XML-RPC by following way.
- Disable pingback.ping, pingback.extensions.getPingbacks and Unset X-Pingback from HTTP headers, that will block bots to access specified method.
- Disable/Block XML-RPC for all users.
- Enable XML-RPC based on IP list.
- Disable XML-RPC based on IP list.
スクリーンショット
screenshot-1.png 
screenshot-2.png
インストール
- Upload the plugin files to the
/wp-content/plugins/directory, or install the plugin through the WordPress plugins screen directly. - Activate the plugin through the ‘Plugins’ screen in WordPress
- Use the ‘XML-RPC Settings’ screen to configure the plugin.
FAQ
-
Do I need to take a backup of my existing .htaccess file
-
Yes, it’s preferable to take a backup of existing .htaccess file.
-
What if .httaccess file doesn’t have writeable permission?
-
You can copy and paste new rule in your .htaccess file from plugin setting page.
評価
2018年5月19日
it might disable xml-rpc but it does not enable it. I have been unable to post to my wordpress, i whitelisted the ip using this plugin, it didn't help at all
2016年10月8日
Easy in use! Works great!!
Block entirely the access, block only pingback or/and allow/denay by IP
2016年9月3日
simply works. I don't use jetpack and I don't care about ping backs... but I hate the staggering amount of xmlrpc attacks I've been seeing the past few months. This plugin can elegantly turn the http://your.website/xmlrpc.php URL into a 403 for the would-be attacker.
Thanks!
貢献者と開発者
変更履歴
1.0
- Beta release with basic testing.