Hello @ka2id
I think this sounds like a similar issue for another user, please make sure you check only that the “pingback.ping” has been disabled, not the whole XML-RPC section. That is the point of this particular plugin to block one particular piece of functionality.
The login attempts are not going to stop, this plugin blocks the “pingback” method that was abused a lot. This has nothing to do with blocking login attempts, so your expectations is based on something that the plugin never offered.
This plugin is for websites that still used the XML-RPC features, but want to have the particular “pingback.ping” method disabled.
When you want to test the efficiency of the plugin, please only test that part. There is a good explanation on why this plugin was made to begin with (not me) and how to test it here: fooplugins.com/prevent-wordpress-pingback-ddos/
I have just gone through the process again, and on the two sites I tested it worked as expected. The XML-RPC was not fully blocked, but the particular method “pingback.ping” was.
It would have been very nice of you to create a support ticket to get help, instead of a one-star review. But I hope you will at least update this review to reflect the information I have explained.
