[WordPress] Avoid xmlrpc attack

Posted on 2015 年 12 月 12 日 by cowman.chiang

add below code in the functions.php in your themes.

add_filter('xmlrpc_enabled', '__return_false');

1
2

add_filter('xmlrpc_enabled', '__return_false');

edit .htaccess

#protect xmlrpc <Files xmlrpc.php> Order Deny,Allow Deny from all </Files>

1
2
3
4
5
6

#protect xmlrpc
<Files xmlrpc.php>
Order Deny,Allow
Deny from all
</Files>

delete the xmlrpc.php file

Ref. 解決WordPress被利用xmlrpc.php文件攻擊導致內存超負荷

This entry was posted in WordPress. Bookmark the permalink.

[WordPress] Avoid xmlrpc attack

Categories