Stop XML-RPC Attacks

Por Pascal CESCATO

Descrição

Stop XML-RPC Attacks protects your WordPress site from XML-RPC brute force attacks, DDoS attempts, and reconnaissance probes while maintaining compatibility with essential services like Jetpack and WooCommerce.

Features:

Three security modes: Full Disable, Guest Disable, or Selective Blocking
Blocks dangerous methods: system.multicall, pingback.ping, and more
Compatible with Jetpack and WooCommerce
Optional user enumeration blocking
Attack logging for monitoring
Zero configuration required – works out of the box
Clean, intuitive admin interface

Instalação

Upload the plugin files to /wp-content/plugins/stop-xmlrpc-attacks/
Activate the plugin through the ‘Plugins’ menu in WordPress
Go to Settings > XML-RPC Security to configure (optional)

Perguntas frequentes

Will this break Jetpack?

No! The default “Selective Blocking” mode is fully compatible with Jetpack and WooCommerce.

What’s the difference between the security modes?

Full Disable: Maximum security, disables XML-RPC completely
Guest Disable: Balanced approach, only allows XML-RPC for logged-in users
Selective Blocking: Best compatibility, only blocks dangerous methods

How do I enable logging?

Go to Settings > XML-RPC Security and check “Enable Attack Logging”. Logs will be written to your debug.log file when WP_DEBUG is enabled.

Avaliações

Anonymous User 16344271 24 setembro, 2022 1 resposta

Nice plugin thanks

Sandip Roy 21 fevereiro, 2022

It works silently in the background. This is the only security plugin I use, since a W***fence update broke my site about a year back. Gives me a peace of mind.