Security Settings

  • Resolved bibiska

    (@bibiska)


    4 years, 9 months ago

    Hi!

    I put the checkbox on “Block any access to the API”
    (in Basic Policies -> WordPress XML-RPC API)

    Is any access really blocked?

    If “yes” – do I need to put a checkbox on:
    “Block system.multicall method” (in same section)
    “Block Pingbacks” (in same section)
    and
    “Apply the protection to the xmlrpc.php” (Login Protection -> Various options)

    p.s. I need maximum protection, but I doubt if these checkboxes will duplicate “Block any access to the API” .

    Thanks

Viewing 1 replies (of 1 total)
  • Plugin Author nintechnet

    (@nintechnet)

    If you enable “Block any access to the API”, there’s no need to enable “Block system.multicall method” and “Block Pingbacks”. In fact, if you try to enable all 3 policies, you’ll see that after submitting your changes, the last two will be disabled.
    Regarding the “Login Protection > Apply the protection to the xmlrpc.php”, it works separately (anything related to the Login Protection works separately), and can be useful if you’re facing a large brute-force attack on the XML-RPC API because it will block it quicker than the firewall policies.

Viewing 1 replies (of 1 total)
  • The topic ‘Security Settings’ is closed to new replies.