WordPress XML-RPC DDoS Protection – protect xmlrpc.php, block xmlrpc.php, forbid xmlrpc.php

Home Forums BulletProof Security Pro WordPress XML-RPC DDoS Protection – protect xmlrpc.php, block xmlrpc.php, forbid xmlrpc.php

Viewing 5 posts - 46 through 50 (of 50 total)
  • Author
    Posts
  • #34434
    jenni101
    Participant

    @AITpro – VERY basic Q I’m afraid as I’m getting a bit confused: Where it says “You can whitelist your IP address…”, does this refer to your SITE’s own IP or to your own current IP? Thanks.

    #34437
    AITpro Admin
    Keymaster

    @ jenni101 – Don’t even bother adding the XML-RPC Protection Bonus Custom Code.  A long time ago WordPress fixed the vulnerability with XML-RPC so this Bonus Custom Code is no longer necessary/needed.

    #40701
    Rami M
    Participant

    Brilliant! Could help to update the topic to show “XML-RPC Protection Bonus Custom Code” is no longer necessary/needed.

    #42553
    Mario Guedes
    Participant

    I’m completely confused. Today I sent an email to support, saying that I am not able to connect my jetpack to my website anymore after installing bullet. However, I just read the admin saying that the Bonus code is no longer needed Bonus Custom Code. Now, how does the plugin respond that it is necessary? Can someone help me?

    #42555
    AITpro Admin
    Keymaster

    @ Mario Guedes – At some point WordPress fixed the vulnerabilities in the xmlrpc.php file, which was many years ago.  So you no longer need to block access to the xmlrpc.php file.  There is nothing in the default BPS code that blocks Jetpack.  So if you added the xmlrpc.php blocking Bonus Custom Code at some point then yes that would block Jetpack.  Or if you are using any other custom htaccess code that blocks the xmlrpc.php file.

Viewing 5 posts - 46 through 50 (of 50 total)
  • You must be logged in to reply to this topic.