Plugins and XMLRPC | ww.wp.xz.cn

jmoran888
(@jmoran888)

6 years, 8 months ago

I want to disable xmlrpc.php on my WP site to prevent brute force attacks – however i want to make sure that there are no plugins that are actually using it. I’ve searched the code for xmlrpc.php and have not found anything. Is there anything else i should do ? Is there a list of plugins somewhere that are known users ? I disabled it on one of my 2 servers and its showing an nginx error log
2019/10/14 21:58:48 [error] 28017#28017: *420 access forbidden by rule, client: 172.26.30.210, server: xxx, request: “POST /xmlrpc.php HTTP/1.1”, host: “xxx”
2019/10/14 21:59:49 [error] 28017#28017: *437 access forbidden by rule, client: 172.26.4.74, server: xxx, request: “POST /xmlrpc.php HTTP/1.1”, host: “xxx”

They always seem to be coming from the same 2 client IPs

Thanks

The topic ‘Plugins and XMLRPC’ is closed to new replies.

Tags

xmlrpc

0 replies
1 participant
Last reply from: jmoran888
Last activity: 6 years, 8 months ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics