ericrasch
4/10/2015 - 6:46 PM

Disable XML-RPC + Pingback WordPress Plugin

Disable XML-RPC + Pingback WordPress Plugin

<?php
/*
Plugin Name: Disable XML-RPC + Pingback
Plugin URI: http://www.philerb.com/wp-plugins/
Description: This plugin disables XML-RPC API + pingbacks in WordPress 3.5+, which is enabled by default. 2 WP plugins were combined together to cover all bases.
Version: 1.0.0
Author: Eric Rasch
Author URI: http://ericrasch.com
License: GPLv2
*/

/**
 * Philip Erb (http://www.philerb.com/contact/)
 * original source: v1.0.1 https://wordpress.org/plugins/disable-xml-rpc/
 */
add_filter( 'xmlrpc_enabled', '__return_false' );


/**
 * Samuel Aguilera (http://www.samuelaguilera.com/)
 * original source: v1.1 https://wordpress.org/support/plugin/disable-xml-rpc-pingback
 */
add_filter( 'xmlrpc_methods', 'sar_block_xmlrpc_attacks' );

function sar_block_xmlrpc_attacks( $methods ) {
   unset( $methods['pingback.ping'] );
   unset( $methods['pingback.extensions.getPingbacks'] );
   return $methods;
}

add_filter( 'wp_headers', 'sar_remove_x_pingback_header' );

function sar_remove_x_pingback_header( $headers ) {
   unset( $headers['X-Pingback'] );
   return $headers;
}

?>