Description

Stops abuse of your site’s XML-RPC by simply removing some methods used by attackers. While you can use the rest of XML-RPC methods.

This is more friendly than disabling totally XML-RPC, that it’s needed by some plugins and apps (I.e. Mobile apps or some Jetpack’s modules).

The original one.
Simple and effective.
No marketing buzz.
Maintained and updated when needed since 2014.
100% compliant with WordPress coding standards which makes it fail safe.
60,000+ active installations can’t be wrong.

If you’re happy with the plugin please don’t forget to give it a good rating, it will motivate me to keep sharing and improving this plugin (and others).

Features

Removes the following methods from XML-RPC interface.

pingback.ping
pingback.extensions.getPingbacks
X-Pingback from HTTP headers. This will hopefully stops some bots from trying to hit your xmlrpc.php file.

Requirements

WordPress 3.8.1 or higher.

Installation

Extract the zip file and just drop the contents in the wp-content/plugins/ directory of your WordPress installation (or install it directly from your dashboard) and then activate the plugin from Plugins page.
There’s not options page, simply install and activate.

Avis

Gordon 21 octobre 2025

The plugin author is still actively engaged with this excellently useful plugin. It receives updates only when needed which might be years in between updates. Still works great! Highly recommend.

morti037 13 mai 2021 1 reply

There is better option than this plugin. I have used disable xmlrpc api and its works fine for me.

captainzandra 3 octobre 2020

This broke my site, I had to revert to a backup on the server after installing it.

Fernando Tellado 20 janvier 2017

Gran trabajo Samuel, en combinación con algunas reglas de htaccess hace un trabajo fantástico.

wplike75 19 novembre 2016

Thank you for this free and great plugin.

gmyoganand 3 septembre 2016

Does what it says and this is what needed for a XMLRPC attacks. Thanks.

Lire les 14 avis

Contributeurs & développeurs

« Disable XML-RPC Pingback » est un logiciel libre. Les personnes suivantes ont contribué à cette extension.

Samuel Aguilera

“Disable XML-RPC Pingback” a été traduit dans 15 locales. Remerciez l’équipe de traduction pour ses contributions.

Traduisez « Disable XML-RPC Pingback » dans votre langue.

Le développement vous intéresse ?

Parcourir le code, consulter le SVN dépôt, ou s’inscrire au journal de développement par RSS.

Historique des changements

1.2.2

Improved WP version checking to avoid a notice under certain versions of WP.

1.2.1

Minor changes to make code 100% compliant with WordPress Coding Standards.

1.2

Added support for X-Pingback header removal in recent versions of WP.

1.1

Added code to remove X-Pingback from HTTP headers as suggested by user https://wordpress.org/support/topic/remove-x-pingback-http-header

1.0

Initial release.

Disable XML-RPC Pingback

Description

Features

Requirements

Installation

Avis

This excellent plugin is updated if needed and is still actively maintained

This haven’t updated over than a year

Broke my site

Fantástico plugin, imprescindible

Great plugins

Awesome and Effective Plugin.

Contributeurs & développeurs

Le développement vous intéresse ?

Historique des changements

1.2.2

1.2.1

1.2

1.1

1.0

Notes

Contributeurs

Support

Description

Features

Requirements

Installation

Avis

Contributeurs & développeurs

Le développement vous intéresse ?

Historique des changements

1.2.2

1.2.1

1.2

1.1

1.0

Méta

Notes

Contributeurs

Support