Title: Stop XML-RPC Attacks
Author: Pascal CESCATO
Published: <strong>26 Abriil, 2019</strong>
Last modified: 23 Maajo, 2026

---

Raadi kaabayaal

![](https://ps.w.org/stop-xml-rpc-attacks/assets/banner-772x250.png?rev=2075425)

![](https://ps.w.org/stop-xml-rpc-attacks/assets/icon-256x256.png?rev=2075425)

# Stop XML-RPC Attacks

 Qore [Pascal CESCATO](https://profiles.wordpress.org/pcescato/)

[Soo Rog](https://downloads.wordpress.org/plugin/stop-xml-rpc-attacks.2.0.0.zip)

 * [Faahfaahin](https://so.wordpress.org/plugins/stop-xml-rpc-attacks/#description)
 * [Dibu-eegisyo](https://so.wordpress.org/plugins/stop-xml-rpc-attacks/#reviews)
 *  [Rakibaad](https://so.wordpress.org/plugins/stop-xml-rpc-attacks/#installation)
 * [Horumarinta](https://so.wordpress.org/plugins/stop-xml-rpc-attacks/#developers)

 [Taageero](https://wordpress.org/support/plugin/stop-xml-rpc-attacks/)

## Sharraxaad

Stop XML-RPC Attacks protects your WordPress site from XML-RPC brute force attacks,
DDoS attempts, and reconnaissance probes while maintaining compatibility with essential
services like Jetpack and WooCommerce.

**Features:**

 * Three security modes: Full Disable, Guest Disable, or Selective Blocking
 * Blocks dangerous methods: system.multicall, pingback.ping, and more
 * Compatible with Jetpack and WooCommerce
 * Optional user enumeration blocking
 * Attack logging for monitoring
 * Zero configuration required – works out of the box
 * Clean, intuitive admin interface

## Rakibaad

 1. Upload the plugin files to `/wp-content/plugins/stop-xmlrpc-attacks/`
 2. Activate the plugin through the ‘Plugins’ menu in WordPress
 3. Go to Settings > XML-RPC Security to configure (optional)

## SBI

### Will this break Jetpack?

No! The default “Selective Blocking” mode is fully compatible with Jetpack and WooCommerce.

### What’s the difference between the security modes?

 * **Full Disable**: Maximum security, disables XML-RPC completely
 * **Guest Disable**: Balanced approach, only allows XML-RPC for logged-in users
 * **Selective Blocking**: Best compatibility, only blocks dangerous methods

### How do I enable logging?

Go to Settings > XML-RPC Security and check “Enable Attack Logging”. Logs will be
written to your debug.log file when WP_DEBUG is enabled.

## Dibu-eegisyo

![](https://secure.gravatar.com/avatar/b959b03e0bfa53fc258b2f1e22cfa5bc921f1f28d8f4b5c75afb22617b4d166d?
s=60&d=retro&r=g)

### 󠀁[Great](https://wordpress.org/support/topic/great-14892/)󠁿

 [Anonymous User 16344271](https://profiles.wordpress.org/anonymized-16344271/) 
24 Sebteembar, 2022 1 reply

Nice plugin thanks

![](https://secure.gravatar.com/avatar/9ed8d960761ad688c132f448fd549cda282c8868b0f9e9587ce5bed623d9694d?
s=60&d=retro&r=g)

### 󠀁[Works silently](https://wordpress.org/support/topic/works-silently-2/)󠁿

 [Sandip Roy](https://profiles.wordpress.org/sandip-roy/) 21 Febraayo, 2022

It works silently in the background. This is the only security plugin I use, since
a W***fence update broke my site about a year back. Gives me a peace of mind.

![](https://secure.gravatar.com/avatar/c3e0ae8928317e1270c5e6559c165a762495a990ceac61b8b86557b0934d5b61?
s=60&d=retro&r=g)

### 󠀁[thanks](https://wordpress.org/support/topic/thanks-2200/)󠁿

 [baf285](https://profiles.wordpress.org/baf285/) 7 Janaayo, 2022 1 reply

all good, thanks

![](https://secure.gravatar.com/avatar/aa109f51d0a70582dee4ee0220fbdfc40a6f5a8e65d762a55a624cb6b0b67a27?
s=60&d=retro&r=g)

### 󠀁[Simplet et efficace](https://wordpress.org/support/topic/simplet-et-efficace/)󠁿

 [lesgitesdusomail](https://profiles.wordpress.org/lesgitesdusomail/) 17 Oktoobar,
2019 1 reply

Tout est dans le titre. Reste à dire : Merci !

 [ Akhri dhammaan 4 dibu-eegis ](https://wordpress.org/support/plugin/stop-xml-rpc-attacks/reviews/)

## Ka-qaybgalayaasha & Horumariyayaasha

“Stop XML-RPC Attacks” waa softiweer il furan. Dadka soo socda ayaa wax ku biiriyay
kaabahan.

Ka-qaybgalayaasha

 *   [ Pascal CESCATO ](https://profiles.wordpress.org/pcescato/)

“Stop XML-RPC Attacks” waxaa lagu tarjumay 2 luqadood. Way ku mahadsan yihiin [turjumaannada](https://translate.wordpress.org/projects/wp-plugins/stop-xml-rpc-attacks/contributors)
ka-qaybqaadashadooda.

[Ku tarjun “Stop XML-RPC Attacks” luqaddaada.](https://translate.wordpress.org/projects/wp-plugins/stop-xml-rpc-attacks)

### Ma xiisaynaysaa horumarinta?

[Baadh koodka](https://plugins.trac.wordpress.org/browser/stop-xml-rpc-attacks/),
fiiri [bakhaarka SVN](https://plugins.svn.wordpress.org/stop-xml-rpc-attacks/), 
ama iska qor [diiwaanka horumarinta](https://plugins.trac.wordpress.org/log/stop-xml-rpc-attacks/)
adigoo adeegsanaya [RSS](https://plugins.trac.wordpress.org/log/stop-xml-rpc-attacks/?limit=100&mode=stop_on_copy&format=rss).

## Isbeddellada

#### 2.0.0

 * Added admin interface with visual settings
 * Three security modes to choose from
 * Optional attack logging
 * Improved code quality and security
 * Full internationalization support

#### 1.0.1

 * Initial release
 * Basic blocking of dangerous methods

## Meta

 *  Version **2.0.0**
 *  Last updated **3 maalmood kahor**
 *  Active installations **6,000+**
 *  WordPress version ** 6.0 ama ka sareeya **
 *  Tested up to **7.0**
 *  PHP version ** 7.4 ama ka sareeya **
 *  Languages
 * [English (US)](https://wordpress.org/plugins/stop-xml-rpc-attacks/), [French (France)](https://fr.wordpress.org/plugins/stop-xml-rpc-attacks/),
   and [German](https://de.wordpress.org/plugins/stop-xml-rpc-attacks/).
 *  [Ku tarjun luqaddaada](https://translate.wordpress.org/projects/wp-plugins/stop-xml-rpc-attacks)
 * Tags
 * [Brute Force](https://so.wordpress.org/plugins/tags/brute-force/)[ddos](https://so.wordpress.org/plugins/tags/ddos/)
   [jetpack](https://so.wordpress.org/plugins/tags/jetpack/)[security](https://so.wordpress.org/plugins/tags/security/)
   [xmlrpc](https://so.wordpress.org/plugins/tags/xmlrpc/)
 *  [Aragti Sare](https://so.wordpress.org/plugins/stop-xml-rpc-attacks/advanced/)

## Qiimeynta

 5 out of 5 stars.

 *  [  4 5-star reviews     ](https://wordpress.org/support/plugin/stop-xml-rpc-attacks/reviews/?filter=5)
 *  [  0 4-star reviews     ](https://wordpress.org/support/plugin/stop-xml-rpc-attacks/reviews/?filter=4)
 *  [  0 3-star reviews     ](https://wordpress.org/support/plugin/stop-xml-rpc-attacks/reviews/?filter=3)
 *  [  0 2-star reviews     ](https://wordpress.org/support/plugin/stop-xml-rpc-attacks/reviews/?filter=2)
 *  [  0 1-star reviews     ](https://wordpress.org/support/plugin/stop-xml-rpc-attacks/reviews/?filter=1)

[Your review](https://wordpress.org/support/plugin/stop-xml-rpc-attacks/reviews/#new-post)

[See all reviews](https://wordpress.org/support/plugin/stop-xml-rpc-attacks/reviews/)

## Ka-qaybgalayaasha

 *   [ Pascal CESCATO ](https://profiles.wordpress.org/pcescato/)

## Taageero

Ma heysaa waxaad dhahdo? Caawimaad ma u baahan tahay?

 [Eeg madasha taageerada](https://wordpress.org/support/plugin/stop-xml-rpc-attacks/)