Disable XML-RPC Pingback
Stops abuse of your site’s XML-RPC by simply removing some methods used by attackers. While you can use the rest of XML-RPC methods.
This is more friendly than disabling totally XML-RPC, that it’s needed by some plugins and apps (I.e. Mobile apps or some Jetpack’s modules).
- The original one.
- Simple and effective.
- No marketing buzz.
- Maintained and updated when needed since 2014.
- 100% compliant with WordPress coding standards which makes it fail safe.
- 60,000+ active installations can’t be wrong.
If you’re happy with the plugin please don’t forget to give it a good rating, it will motivate me to keep sharing and improving this plugin (and others).
Features
Removes the following methods from XML-RPC interface.
- pingback.ping
- pingback.extensions.getPingbacks
- X-Pingback from HTTP headers. This will hopefully stops some bots from trying to hit your xmlrpc.php file.
Requirements
- WordPress 3.8.1 or higher.
| Domain | Exposures | Headers | Last Checked |
|---|---|---|---|
| s*l*s*a*g.com | F | 2026-06-01 12:05:27 | |
| m*s*o*a*r*p*i*s.com | F | 2026-05-28 11:03:49 | |
| k*t*y*a*t*a*.com | F | 2026-05-21 13:59:47 | |
| k*t*y*a*a*d*i*a*.com | F | 2026-05-21 13:59:47 | |
| r*g*n*y*6*.com | F | 2026-05-19 09:05:48 | |
| n*a*i*e*.com | F | 2026-05-19 00:31:44 | |
| r*d*o*a*i*i*a.com (WP 6.9.4) | F | 2026-05-14 02:06:42 | |
| e*p*e*a*r*s*i*n*9*5.com (WP 6.9.4) | F | 2026-05-12 22:35:27 | |
| e*i*e*e*u*y*e*a*l*.com | F | 2026-05-10 06:47:42 | |
| j*n*l*n*s*a*f*n*.com | F | 2026-05-10 01:03:39 | |
| b*n*r*p*c*r*d*e*r.com | F | 2026-05-03 21:21:15 | |
| b*n*r*p*c*b*n*y*i*l*.com | F | 2026-05-03 21:14:01 |
Page 1 of 1