xmlrpc.php – safe or do I really need it ?

  • Resolved pete_398

    (@pete_398)


    10 years, 7 months ago

    Getting many attempts to post to xmlrpc.php lately.

    1. Is this file safe, or is there SQL injection vulnerability issues ?

    2. I don’t use trackbacks or pingbacks, or whatever they are called. Nor do I have need of such. Therefore, can I simply remove xmlrpc.php without affecting the WP website ?

    (Yes, if people try to access it, they will get 404’s; that’s okay)

Viewing 2 replies - 1 through 2 (of 2 total)

  • 1. The file is safe and any security issues were patched a long time ago but the stoopid hackers haven’t cottoned on yet and still keep trying.

    2. You should be able to rename the file without any problem but you’ll have to remember to do this again after every core update. It would better to consider using Cloudflare on your site to cut down on these quasi-attacks. It worked for me.

    Thread Starter pete_398

    (@pete_398)

    Okay, thanks for your advice. I will checkout Cloudfare.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘xmlrpc.php – safe or do I really need it ?’ is closed to new replies.