Remove XMLRPC Pingback Ping - Version 1.1

Version Description

  • 2019/04/09
  • version bump
Download this release

Release Info

Developer WebFactory
Plugin Icon 128x128 Remove XMLRPC Pingback Ping
Version 1.1
Comparing to
See all releases

Code changes from version 1.0 to 1.1

Files changed (2) hide show
  1. README.txt +21 -21
  2. remove-xmlrpc-pingback-ping.php +30 -26
README.txt CHANGED
@@ -1,24 +1,28 @@
1
- === Remove XMLRPC Pingback Ping ===
2
- Contributors: bradvin
3
- Tags: xmlrpc
4
- Requires at least: 3.5.1
5
- Tested up to: 3.9
6
- Stable tag: trunk
7
License: GPLv2 or later
8
License URI: http://www.gnu.org/licenses/gpl-2.0.html
9
10
- Prevent your WordPress install from participating in pingback denial of service attacks.
11
12
== Description ==
13
14
- Prevent your WordPress install from participating in pingback denial of service attacks.
15
16
From sucuri.net:
17
18
> Any WordPress site with Pingback enabled (which is on by default) can be used in DDOS attacks against other sites.
19
20
- Read the FooPlugin's post [Beware : Your Site Is Part of a WordPress Pingback DDoS Botnet](http://fooplugins.com/prevent-wordpress-pingback-ddos/)
21
-
22
= Learn More =
23
24
* [How To Prevent WordPress From Participating In Pingback Denial of Service Attacks](http://wptavern.com/how-to-prevent-wordpress-from-participating-in-pingback-denial-of-service-attacks) - wptavern.com
@@ -33,14 +37,6 @@ Use [Sucuri's WordPress DDOS Scanner](http://labs.sucuri.net/?is-my-wordpress-dd
33
34
Yes, you can choose to do that using the plugin [Disable XML-RPC](http://wordpress.org/plugins/disable-xml-rpc/), but if you use popular plugins like JetPack (that use XMLRPC) then those plugins will stop working 100%. That is why this small plugin exists.
35
36
- = How To Test Your Site? =
37
-
38
- Follow the steps in the [GitHub repo](https://github.com/fooplugins/remove-xmlrpc-pingback-ping#how-to-test-your-site)
39
-
40
- = Disclaimer =
41
-
42
- I did not write this code. I just put it together in a plugin so more people can easily install and use it. Original code from wptavern.com and sucuri.net in the links above.
43
-
44
== Installation ==
45
46
= Using The WordPress Dashboard =
@@ -67,8 +63,8 @@ I did not write this code. I just put it together in a plugin so more people can
67
68
== Screenshots ==
69
70
- 1. POSTMAN: Without the plugin installed
71
- 2. POSTMAN: With the plugin installed
72
73
== Frequently Asked Questions ==
74
@@ -78,5 +74,9 @@ It could be! Use [Sucuri's WordPress DDOS Scanner](http://labs.sucuri.net/?is-my
78
79
== Changelog ==
80
81
= 1.0.0 =
82
- * First release
1
+ === Remove & Disable XML-RPC Pingback ===
2
+ Contributors: WebFactory, wpreset, googlemapswidget, securityninja, underconstructionpage
3
+ Tags: xmlrpc, xml-rpc, ping, pingback, disable ping, disable xmlrpc, disable pingback, disable xml-rpc
4
+ Requires at least: 4.0
5
+ Requires PHP: 5.2
6
+ Tested up to: 5.2
7
+ Stable tag: 1.1
8
License: GPLv2 or later
9
License URI: http://www.gnu.org/licenses/gpl-2.0.html
10
11
+ Prevent pingback, XML-RPC and denial of service attacks by disabling the XML-RPC pingback functionality.
12
13
== Description ==
14
15
+ Prevent your WordPress site from participating and being a victim of pingback denial of service attacks. **After activation the plugin automatically disables XML-RPC. There's no need to configure anything.**
16
+
17
+ By disabling the XML-RPC pingback you'll:
18
+ * lower your server CPU usage
19
+ * prevent malicious scripts from using your site to run pingback denial of service attacks
20
+ * prevent malicious scripts to run denial of service attacks on your site via pingback
21
22
From sucuri.net:
23
24
> Any WordPress site with Pingback enabled (which is on by default) can be used in DDOS attacks against other sites.
25
26
= Learn More =
27
28
* [How To Prevent WordPress From Participating In Pingback Denial of Service Attacks](http://wptavern.com/how-to-prevent-wordpress-from-participating-in-pingback-denial-of-service-attacks) - wptavern.com
37
38
Yes, you can choose to do that using the plugin [Disable XML-RPC](http://wordpress.org/plugins/disable-xml-rpc/), but if you use popular plugins like JetPack (that use XMLRPC) then those plugins will stop working 100%. That is why this small plugin exists.
39
40
== Installation ==
41
42
= Using The WordPress Dashboard =
63
64
== Screenshots ==
65
66
+ 1. Postman: Without the plugin installed
67
+ 2. Postman: With the plugin installed
68
69
== Frequently Asked Questions ==
70
74
75
== Changelog ==
76
77
+ = 1.1 =
78
+ * 2019/04/09
79
+ * version bump
80
+
81
= 1.0.0 =
82
+ * First release
remove-xmlrpc-pingback-ping.php CHANGED
@@ -1,35 +1,39 @@
1
<?php
2
- /**
3
- * Remove XMLRPC Pingback Ping
4
- *
5
- * Prevent WordPress From Participating In Pingback Denial of Service Attacks
6
- *
7
- * @package Remove_XMLRPC_Pingback_Ping
8
- * @author Brad Vincent <bradvin@gmail.com>
9
- * @license GPL-2.0+
10
- * @link http://wordpress.org/plugins/remove-xmlrpc-pingback-ping
11
- * @copyright 2014 Brad Vincent
12
- *
13
- * @wordpress-plugin
14
- * Plugin Name: Remove XMLRPC Pingback Ping
15
- * Plugin URI: http://wordpress.org/plugins/remove-xmlrpc-pingback-ping
16
- * Description: Prevent WordPress From Participating In Pingback Denial of Service Attacks
17
- * Version: 1.0.0
18
- * Author: Brad Vincent
19
- * Author URI: http://fooplugins.com
20
- * License: GPL-2.0+
21
- * License URI: http://www.gnu.org/licenses/gpl-2.0.txt
22
- * GitHub Plugin URI: https://github.com/fooplugins/remove-xmlrpc-pingback-ping
23
- */
24
25
// If this file is called directly, abort.
26
if ( ! defined( 'WPINC' ) ) {
27
- die;
28
}
29
30
add_filter( 'xmlrpc_methods', 'remove_xmlrpc_pingback_ping' );
31
32
function remove_xmlrpc_pingback_ping( $methods ) {
33
- unset( $methods['pingback.ping'] );
34
- return $methods;
35
- }
1
<?php
2
+ /*
3
+ Plugin Name: Remove XMLRPC Pingback Ping
4
+ Plugin URI: http://wordpress.org/plugins/remove-xmlrpc-pingback-ping
5
+ Description: Prevent WordPress from participating in and being a victim of pingback denial of service attacks.
6
+ Version: 1.1
7
+ Author: WebFactory Ltd
8
+ Author URI: https://www.webfactoryltd.com/
9
+ License: GPL-2.0+
10
+ License URI: http://www.gnu.org/licenses/gpl-2.0.txt
11
+
12
+ Copyright 2014 - 2019 Web factory Ltd (email: support@webfactoryltd.com)
13
+
14
+ This program is free software; you can redistribute it and/or modify
15
+ it under the terms of the GNU General Public License, version 2, as
16
+ published by the Free Software Foundation.
17
+
18
+ This program is distributed in the hope that it will be useful,
19
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
20
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21
+ GNU General Public License for more details.
22
+
23
+ You should have received a copy of the GNU General Public License
24
+ along with this program; if not, write to the Free Software
25
+ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
26
+ */
27
+
28
29
// If this file is called directly, abort.
30
if ( ! defined( 'WPINC' ) ) {
31
+ die;
32
}
33
34
add_filter( 'xmlrpc_methods', 'remove_xmlrpc_pingback_ping' );
35
36
function remove_xmlrpc_pingback_ping( $methods ) {
37
+ unset( $methods['pingback.ping'] );
38
+ return $methods;
39
+ }