wee/wee-remove-xmlrpc-methods

WordPress plugin to remove all XML-RPC methods from the API.

1.2.0 2020-03-07 06:11 UTC

This package is auto-updated.

Last update: 2020-06-07 07:39:34 UTC


README

WordPress plugin to remove all WordPress related XML-RPC methods from the API.

The plugin is an alternative to just using the xmlrpc_enabled hook, because it is only used "To disable XML-RPC methods that require authentication".

Testing the plugin

From the command line you can test if the plugin is working correctly using cURL:

curl -d '<?xml version="1.0"?><methodCall><methodName>system.listMethods</methodName><params><param><value><string/></value></param></params></methodCall>' https://<your domain>/xmlrpc.php

This should only return system methods.

If the request returns methods starting with wp. the plugin is not active.

Author

Walter Ebert

License

GPL-2.0-or-later