Changeset 3163415
- Timestamp:
- 10/06/2024 08:11:54 AM (16 months ago)
- Location:
- wee-remove-xmlrpc-methods
- Files:
-
- 4 edited
- 1 copied
-
tags/1.4.1 (copied) (copied from wee-remove-xmlrpc-methods/trunk)
-
tags/1.4.1/readme.txt (modified) (2 diffs)
-
tags/1.4.1/wee-remove-xmlrpc-methods.php (modified) (1 diff)
-
trunk/readme.txt (modified) (2 diffs)
-
trunk/wee-remove-xmlrpc-methods.php (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
wee-remove-xmlrpc-methods/tags/1.4.1/readme.txt
r3110768 r3163415 1 1 === Remove XML-RPC Methods === 2 2 Contributors: walterebert 3 Tags: xml-rpc 3 Tags: xml-rpc, xmlrpc, security 4 4 Requires at least: 4.6 5 5 Tested up to: 6.6 6 6 Requires PHP: 5.4.0 7 Stable tag: 1.4. 07 Stable tag: 1.4.1 8 8 License: GPL-2.0-or-later 9 9 License URI: https://spdx.org/licenses/GPL-2.0-or-later.html 10 10 11 Remove all methods from the WordPress XML-RPC API.11 Remove all WordPress methods from the XML-RPC API to increase security. 12 12 13 13 == Description == 14 14 15 Th e plugin removes all methods from the WordPress XML-RPC API. It is an alternative to just using the `xmlrpc_enabled` hook, because that is only used "To disable XML-RPC methods that require authentication".15 This plugin does more than just using the `xmlrpc_enabled` hook, because that is only used “To disable XML-RPC methods that require authentication”. 16 16 17 Activating this plugin will disable pingbacks and trackbacks, because these rely on XML-RPC. 17 Activating this plugin will also disable pingbacks, trackbacks, and Really Simple Discovery (RSD), because these rely on XML-RPC. 18 19 It works with any webserver, because it does not use the .htaccess file. 18 20 19 21 = Testing the plugin = 20 22 21 From the command line you can test if the plugin is working correctly using [cURL](https://curl.haxx.se/) :23 From the command line you can test if the plugin is working correctly using [cURL](https://curl.haxx.se/). Replace the `example.com` link to match your website: 22 24 23 25 <pre><code> 24 curl -d '<?xml version="1.0"?><methodCall><methodName>system.listMethods</methodName><params><param><value><string/></value></param></params></methodCall>' https:// <your domain>/xmlrpc.php26 curl -d '<?xml version="1.0"?><methodCall><methodName>system.listMethods</methodName><params><param><value><string/></value></param></params></methodCall>' https://example.com/xmlrpc.php 25 27 </code></pre> 26 28 27 This should only return `system` methods. 28 29 If the request returns methods starting with `wp.` the plugin is not active. 29 This should only return the following methods: 30 - `system.multicall` 31 - `system.listMethods` 32 - `system.getCapabilities` 30 33 31 34 == Installation == … … 35 38 36 39 == Changelog == 40 41 = 1.4.1 = 42 * Updated description and tags 37 43 38 44 = 1.4.0 = -
wee-remove-xmlrpc-methods/tags/1.4.1/wee-remove-xmlrpc-methods.php
r2475840 r3163415 4 4 * Plugin URI: https://gitlab.com/walterebert/wee-remove-xmlrpc-methods 5 5 * Description: Remove all methods from the WordPress XML-RPC API. 6 * Version: 1.4. 06 * Version: 1.4.1 7 7 * Author: Walter Ebert 8 * Author URI: https://w alterebert.com8 * Author URI: https://wee.press 9 9 * Text Domain: wee-remove-xmlrpc-methods 10 10 * License: GPL-2.0-or-later -
wee-remove-xmlrpc-methods/trunk/readme.txt
r3110768 r3163415 1 1 === Remove XML-RPC Methods === 2 2 Contributors: walterebert 3 Tags: xml-rpc 3 Tags: xml-rpc, xmlrpc, security 4 4 Requires at least: 4.6 5 5 Tested up to: 6.6 6 6 Requires PHP: 5.4.0 7 Stable tag: 1.4. 07 Stable tag: 1.4.1 8 8 License: GPL-2.0-or-later 9 9 License URI: https://spdx.org/licenses/GPL-2.0-or-later.html 10 10 11 Remove all methods from the WordPress XML-RPC API.11 Remove all WordPress methods from the XML-RPC API to increase security. 12 12 13 13 == Description == 14 14 15 Th e plugin removes all methods from the WordPress XML-RPC API. It is an alternative to just using the `xmlrpc_enabled` hook, because that is only used "To disable XML-RPC methods that require authentication".15 This plugin does more than just using the `xmlrpc_enabled` hook, because that is only used “To disable XML-RPC methods that require authentication”. 16 16 17 Activating this plugin will disable pingbacks and trackbacks, because these rely on XML-RPC. 17 Activating this plugin will also disable pingbacks, trackbacks, and Really Simple Discovery (RSD), because these rely on XML-RPC. 18 19 It works with any webserver, because it does not use the .htaccess file. 18 20 19 21 = Testing the plugin = 20 22 21 From the command line you can test if the plugin is working correctly using [cURL](https://curl.haxx.se/) :23 From the command line you can test if the plugin is working correctly using [cURL](https://curl.haxx.se/). Replace the `example.com` link to match your website: 22 24 23 25 <pre><code> 24 curl -d '<?xml version="1.0"?><methodCall><methodName>system.listMethods</methodName><params><param><value><string/></value></param></params></methodCall>' https:// <your domain>/xmlrpc.php26 curl -d '<?xml version="1.0"?><methodCall><methodName>system.listMethods</methodName><params><param><value><string/></value></param></params></methodCall>' https://example.com/xmlrpc.php 25 27 </code></pre> 26 28 27 This should only return `system` methods. 28 29 If the request returns methods starting with `wp.` the plugin is not active. 29 This should only return the following methods: 30 - `system.multicall` 31 - `system.listMethods` 32 - `system.getCapabilities` 30 33 31 34 == Installation == … … 35 38 36 39 == Changelog == 40 41 = 1.4.1 = 42 * Updated description and tags 37 43 38 44 = 1.4.0 = -
wee-remove-xmlrpc-methods/trunk/wee-remove-xmlrpc-methods.php
r2475840 r3163415 4 4 * Plugin URI: https://gitlab.com/walterebert/wee-remove-xmlrpc-methods 5 5 * Description: Remove all methods from the WordPress XML-RPC API. 6 * Version: 1.4. 06 * Version: 1.4.1 7 7 * Author: Walter Ebert 8 * Author URI: https://w alterebert.com8 * Author URI: https://wee.press 9 9 * Text Domain: wee-remove-xmlrpc-methods 10 10 * License: GPL-2.0-or-later
Note: See TracChangeset
for help on using the changeset viewer.