wee / wee-remove-xmlrpc-methods

WordPress plugin to remove all XML-RPC methods from the API.

Maintainers

Details

gitlab.com/walterebert/wee-remove-xmlrpc-methods

Homepage

Installs: 66

Dependents: 1

Suggesters: 0

Security: 0

Type:wordpress-plugin

1.4.0.3 2021-10-02 13:21 UTC

Requires

php: ^5.4 || ^7.0 || ^8.0

Requires (Dev)

composer/installers: ~1.8
dealerdirect/phpcodesniffer-composer-installer: ^0.7.1
phpcompatibility/php-compatibility: ^9.3.5
squizlabs/php_codesniffer: ^3.3.1
wp-coding-standards/wpcs: ^2.2.1

Suggests

None

Provides

None

Conflicts

None

Replaces

None

GPL-2.0-or-later 28299479071fe0a323827b074799a7b62fb6b9ce

Walter Ebert

dev-trunk
1.4.0.3
1.4.0.2
1.4.0.1
1.4.0
1.3.2
1.3.1
1.3.0
1.2.0
1.1.0.1
1.1.0
1.0.0

This package is auto-updated.

Last update: 2023-03-01 00:54:54 UTC

README

WordPress plugin to remove all WordPress related XML-RPC methods from the API.

The plugin is an alternative to just using the xmlrpc_enabled hook, because that is only used "To disable XML-RPC methods that require authentication".

Activating this plugin will disable pingbacks and trackbacks, because these rely on XML-RPC.

Testing the plugin

From the command line you can test if the plugin is working correctly using cURL:

curl -d '<?xml version="1.0"?><methodCall><methodName>system.listMethods</methodName><params><param><value><string/></value></param></params></methodCall>' https://<your domain>/xmlrpc.php

This should only return system methods.

If the request returns methods starting with wp. the plugin is not active.

Author

Walter Ebert

License

GPL-2.0-or-later