FAIR

Federated and Independent Repositories

Discover, trust, install: FAIR 1.0 is here

Plugin Banner

Disable XML-RPC Pingback

by Samuel Aguilera

Version: 1.2.2

Download
Description

Stops abuse of your site’s XML-RPC by simply removing some methods used by attackers. While you can use the rest of XML-RPC methods.

This is more friendly than disabling totally XML-RPC, that it’s needed by some plugins and apps (I.e. Mobile apps or some Jetpack’s modules).

  • The original one.
  • Simple and effective.
  • No marketing buzz.
  • Maintained and updated when needed since 2014.
  • 100% compliant with WordPress coding standards which makes it fail safe.
  • 60,000+ active installations can’t be wrong.

If you’re happy with the plugin please don’t forget to give it a good rating, it will motivate me to keep sharing and improving this plugin (and others).

Features

Removes the following methods from XML-RPC interface.

  • pingback.ping
  • pingback.extensions.getPingbacks
  • X-Pingback from HTTP headers. This will hopefully stops some bots from trying to hit your xmlrpc.php file.

Requirements

  • WordPress 3.8.1 or higher.
  • Extract the zip file and just drop the contents in the wp-content/plugins/ directory of your WordPress installation (or install it directly from your dashboard) and then activate the plugin from Plugins page.
  • There’s not options page, simply install and activate.

This haven't updated over than a year

By morti037 on May 13, 2021

There is better option than this plugin. I have used disable xmlrpc api and its works fine for me.

Broke my site

By captainzandra on October 3, 2020

This broke my site, I had to revert to a backup on the server after installing it.

Fantástico plugin, imprescindible

By Fernando Tellado (fernandot) on January 20, 2017

Gran trabajo Samuel, en combinación con algunas reglas de htaccess hace un trabajo fantástico.

Great plugins

By wplike75 on November 19, 2016

Thank you for this free and great plugin.

Awesome and Effective Plugin.

By gmyoganand on September 3, 2016

Does what it says and this is what needed for a XMLRPC attacks.

Thanks.

I never installed this myself?

By yolandal on September 3, 2016

I'm confused here... I see this plugin I've never heard of and I never installed... and the bad thing is; I can't remove it!
If this is a security plugin it sure doesn't behave like it!
It's behaviour is a no-go for me.

Update: My hosting provider admittd they have installed this plugin. But they never notified me. So now I'm giving a 5 star rating.

1.2.2

  • Improved WP version checking to avoid a notice under certain versions of WP.

1.2.1

  • Minor changes to make code 100% compliant with WordPress Coding Standards.

1.2

  • Added support for X-Pingback header removal in recent versions of WP.

1.1

  • Added code to remove X-Pingback from HTTP headers as suggested by user https://wordpress.org/support/topic/remove-x-pingback-http-header

1.0

  • Initial release.
  • Version:Version: 1.2.2
  • Active installs:Active installs: 60K
  • Last updated:Last updated: 06-04-2024
  • Requires:Requires: 4.8
  • Tested:Tested: 6.5.5
Average rating:3.8 out of 5 stars.
  • Number of ratings: 9 ratings
  • Number of ratings: 0 ratings
  • Number of ratings: 0 ratings
  • Number of ratings: 0 ratings
  • Number of ratings: 4 ratings
Back to top