Skip to content

Instantly share code, notes, and snippets.

@ksolomon
Created October 9, 2015 17:41
Show Gist options
  • Save ksolomon/68b63dd9d264780a82a8 to your computer and use it in GitHub Desktop.
Save ksolomon/68b63dd9d264780a82a8 to your computer and use it in GitHub Desktop.
Block XMLRPC Brute Force Amplification Attacks on WordPress
<?php
/*
Plugin Name: XML-RPC Brute Protection
Description: Disable XML-RPC methods used in brute-force amplification attacks
Author: Keith Solomon
Version: 1.0
License: GPL2
*/
function mmx_remove_xmlrpc_methods($methods) {
unset($methods['system.multicall']);
unset($methods['system.listMethods']);
unset($methods['system.getCapabilities']);
return $methods;
}
add_filter( 'xmlrpc_methods', 'mmx_remove_xmlrpc_methods');
?>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment