XML-RPC is a Remote Procedure Call (RPC) protocol which uses XML to encode its calls and HTTP as a transport mechanism. XML-RPC is used to do something remotely to your blog such as posting, viewing comments, etc.
By default, WordPress enables XML-RPC automatically!
**Disable XML-RPC Pingback**
„https://wordpress.org/plugins/disable-xml-rpc-pingback/“:https://wordpress.org/plugins/disable-xml-rpc-pingback/
This is more friendly than disabling totally XML-RPC, that it’s needed by some plugins and apps (I.e. Mobile apps or some Jetpack’s modules).
Vypnutí pingbacků ve functions.php (totéž jako výše uvedený plugin)
/—code php
function remove_xmlrpc_pingback_ping( $methods ) {
unset( $methods[‚pingback.ping‘] );
return $methods;
}
add_filter( ‚xmlrpc_methods‘, ‚remove_xmlrpc_pingback_ping‘ );
\—
**How to disable XML-RPC manually:**
1) turn off XML-RPC in functions.php
/—code php
add_filter(‚xmlrpc_enabled‘, ‚__return_false‘);
\—
2) hide xmlrpc.php in HTTP response headers in functions.php
/—code php
function disable_x_pingback($headers)
{
unset( $headers[‚X-Pingback‘] );
return $headers;
}
add_filter(‚wp_headers‘, ‚disable_x_pingback‘);
\—
3) deny request to xmlrpc.php in .htaccess
/—code php
RedirectMatch 403 /xmlrpc.php
\—
or
/—code php
Order Deny,Allow
Deny from all
\—
„Zdroj »“:http://www.deluxeblogtips.com/2013/08/disable-xml-rpc-wordpress.html
