WordPress XML-RPC DDoS Protection – protect xmlrpc.php, block xmlrpc.php, forbid xmlrpc.php

[jenni101]

@AITpro – VERY basic Q I’m afraid as I’m getting a bit confused: Where it says “You can whitelist your IP address…”, does this refer to your SITE’s own IP or to your own current IP? Thanks.

[AITpro Admin]

@ jenni101 – Don’t even bother adding the XML-RPC Protection Bonus Custom Code.  A long time ago WordPress fixed the vulnerability with XML-RPC so this Bonus Custom Code is no longer necessary/needed.

[Rami M]

Brilliant! Could help to update the topic to show “XML-RPC Protection Bonus Custom Code” is no longer necessary/needed.

[Mario Guedes]

I’m completely confused. Today I sent an email to support, saying that I am not able to connect my jetpack to my website anymore after installing bullet. However, I just read the admin saying that the Bonus code is no longer needed Bonus Custom Code. Now, how does the plugin respond that it is necessary? Can someone help me?

[AITpro Admin]

@ Mario Guedes – At some point WordPress fixed the vulnerabilities in the xmlrpc.php file, which was many years ago.  So you no longer need to block access to the xmlrpc.php file.  There is nothing in the default BPS code that blocks Jetpack.  So if you added the xmlrpc.php blocking Bonus Custom Code at some point then yes that would block Jetpack.  Or if you are using any other custom htaccess code that blocks the xmlrpc.php file.

[Author]

Posts