Title: Remove &amp; Disable XML-RPC Pingback
Author: cleverplugins
Published: <strong>18. měrca 2014</strong>
Last modified: 24. julija 2023

---

Tykače pytać

![](https://ps.w.org/remove-xmlrpc-pingback-ping/assets/banner-772x250.png?rev=877225)

Tutón tykač **njeje so z najnowšimi 3 hłownymi wersijemi WordPress testował**. Snano
so hižo njewothladuje abo njepodpěruje a ma problemy z kompatibelnosću, hdyž so 
z nowšimi wersijemi WordPress wužiwa.

![](https://ps.w.org/remove-xmlrpc-pingback-ping/assets/icon-256x256.png?rev=2065246)

# Remove & Disable XML-RPC Pingback

 Wot [cleverplugins](https://profiles.wordpress.org/cleverplugins/)

[Sćahnyć](https://downloads.wordpress.org/plugin/remove-xmlrpc-pingback-ping.1.6.zip)

 * [Podrobnosće](https://hsb.wordpress.org/plugins/remove-xmlrpc-pingback-ping/#description)
 * [Pohódnoćenja](https://hsb.wordpress.org/plugins/remove-xmlrpc-pingback-ping/#reviews)
 *  [Instalacija](https://hsb.wordpress.org/plugins/remove-xmlrpc-pingback-ping/#installation)
 * [Wuwiće](https://hsb.wordpress.org/plugins/remove-xmlrpc-pingback-ping/#developers)

 [Podpěra](https://wordpress.org/support/plugin/remove-xmlrpc-pingback-ping/)

## Wopisanje

Prevent your WordPress site from participating and being a victim of pingback denial
of service attacks. **After activation the plugin automatically disables XML-RPC.
There’s no need to configure anything.**

By disabling the XML-RPC pingback you’ll:
 * lower your server CPU usage * prevent
malicious scripts from using your site to run pingback denial of service attacks*
prevent malicious scripts to run denial of service attacks on your site via pingback

From sucuri.net:

> Any WordPress site with Pingback enabled (which is on by default) can be used 
> in DDOS attacks against other sites.

#### Learn More

 * [How To Prevent WordPress From Participating In Pingback Denial of Service Attacks](http://wptavern.com/how-to-prevent-wordpress-from-participating-in-pingback-denial-of-service-attacks)–
   wptavern.com
 * [More Than 162,000 WordPress Sites Used for Distributed Denial of Service Attack](http://blog.sucuri.net/2014/03/more-than-162000-wordpress-sites-used-for-distributed-denial-of-service-attack.html)–
   sucuri.net
 * [xmlrpc.php and Pingbacks and Denial of Service Attacks, Oh My!](http://hackguard.com/xmlrpc-php-ping-backs-hackers-denial-service-attacks)–
   hackguard.com

#### Is Your Site Attacking Others?

Use [Sucuri’s WordPress DDOS Scanner](http://labs.sucuri.net/?is-my-wordpress-ddosing)
to check if your site is DDOS’ing other websites

#### Why Not Just Disable XMLRPC Altogether?

Yes, you can choose to do that, but if you use popular plugins like JetPack (that
use XMLRPC) then those plugins will stop working. That is why this small plugin 
exists.

## Fota wobrazowki

[⌊Postman: Without the plugin installed⌉⌊Postman: Without the plugin installed⌉[

Postman: Without the plugin installed

[⌊Postman: With the plugin installed⌉⌊Postman: With the plugin installed⌉[

Postman: With the plugin installed

## Instalacija

#### Using The WordPress Dashboard

 1. Navigate to the ‚Add New‘ in the plugins dashboard
 2. Search for ‚Remove XMLRPC Pingback Ping‘
 3. Click ‚Install Now‘
 4. Activate the plugin on the Plugin dashboard

#### Uploading in WordPress Dashboard

 1. Navigate to the ‚Add New‘ in the plugins dashboard
 2. Navigate to the ‚Upload‘ area
 3. Select `remove-xmlrpc-pingback-ping.zip` from your computer
 4. Click ‚Install Now‘
 5. Activate the plugin in the Plugin dashboard

#### Using FTP

 1. Download `remove-xmlrpc-pingback-ping.zip`
 2. Extract the `remove-xmlrpc-pingback-ping` directory to your computer
 3. Upload the `remove-xmlrpc-pingback-ping` directory to the `/wp-content/plugins/`
    directory
 4. Activate the plugin in the Plugin dashboard

## HSP

### Is My Site Attacking Others?

It could be! Use [Sucuri’s WordPress DDOS Scanner](https://labs.sucuri.net/?is-my-wordpress-ddosing)
to check if your site is DDOS’ing other websites

## Pohódnoćenja

![](https://secure.gravatar.com/avatar/aa1d80e1e2b3737baf8abb7067d1ce2711c7df9ffa720525841e8ac2a69012a2?
s=60&d=retro&r=g)

### 󠀁[So many annoying admin notices …](https://wordpress.org/support/topic/so-many-annoying-admin-notices/)󠁿

 [mklusak](https://profiles.wordpress.org/mklusak/) 1. decembra 2021 1 reply

I am removing this plugin from my sites, because WP admin is constantly full of 
huge „join our newsletter“ (…) admin notices. Yeah, no, thank you …

![](https://secure.gravatar.com/avatar/ca84b7cc8545707bca092d1fe0dcadc0b8063cc91a85632fdd00e6b5e28586fa?
s=60&d=retro&r=g)

### 󠀁[Just what I needed](https://wordpress.org/support/topic/just-what-i-needed-1051/)󠁿

 [Ben Roberts](https://profiles.wordpress.org/bouncingsprout/) 10. decembra 2020

Great plugin, super easy to install and just sits there doing it’s job. Very light
as well, so has no effects that I could see, on site speed or memory usage. Can’t
think of a reason why you wouldn’t be using this to be honest. Thanks for developing
it!

![](https://secure.gravatar.com/avatar/f6d83c88833b7cfb0e8cdc1d053effd6656baaafba8b60f620eeaf4d37ae637e?
s=60&d=retro&r=g)

### 󠀁[Not working](https://wordpress.org/support/topic/not-working-3457/)󠁿

 [Kekeli](https://profiles.wordpress.org/ka2id/) 1. decembra 2020 1 reply

Still getting a ton of login attempts

![](https://secure.gravatar.com/avatar/6ebfbb4579691f04cb48955a06f567525aec599099529b9aaab94866fc4b5337?
s=60&d=retro&r=g)

### 󠀁[Great plugin](https://wordpress.org/support/topic/great-plugin-21479/)󠁿

 [kayasch](https://profiles.wordpress.org/kayasch/) 9. apryla 2019

It was beneficial, helped me a lot!

![](https://secure.gravatar.com/avatar/5be9c7cc61a32161185e2efabf3690e600756f7445d9b3944c3b761a7762c9ad?
s=60&d=retro&r=g)

### 󠀁[No longer effective](https://wordpress.org/support/topic/no-longer-effective/)󠁿

 [skyhound](https://profiles.wordpress.org/skyhound/) 3. septembra 2016

Unfortunately, it looks like this plugin is not effective anymore as I’ve had a 
few sites attacked with this plugin installed. Trying to manage though .htaccess
now. Wish someone would write something new to fix this.

 [ Čitajće 7 pohódnoćenjow ](https://wordpress.org/support/plugin/remove-xmlrpc-pingback-ping/reviews/)

## Sobuskutkowarjo a wuwiwarjo

„Remove & Disable XML-RPC Pingback“ je softwara wotewrjeneho žórła. Slědowacy ludźo
su k tutomu tykačej přinošowali.

Sobuskutkowarjo

 *   [ cleverplugins ](https://profiles.wordpress.org/cleverplugins/)
 *   [ Lars Koudal ](https://profiles.wordpress.org/lkoudal/)

[Přełožće „Remove & Disable XML-RPC Pingback“ do swojeje rěče.](https://translate.wordpress.org/projects/wp-plugins/remove-xmlrpc-pingback-ping)

### Na wuwiću zajimowany?

[Přehladajće kod](https://plugins.trac.wordpress.org/browser/remove-xmlrpc-pingback-ping/),
hladajće do [SVN-repozitorija](https://plugins.svn.wordpress.org/remove-xmlrpc-pingback-ping/)
abo abonujće [wuwiwanski protokol](https://plugins.trac.wordpress.org/log/remove-xmlrpc-pingback-ping/)
přez [RSS](https://plugins.trac.wordpress.org/log/remove-xmlrpc-pingback-ping/?limit=100&mode=stop_on_copy&format=rss).

## Protokol změnow

#### 1.6

 * 2023/07/24
 * Added filter to check for and remove ‚X-Pingback‘ header if necessary.
 * Added settings page
 * Tested up to WP 6.2

#### 1.5

 * Code hardening.
 * Verified compatibility with WP 5.9.3

#### 1.4

 * New: Added a count under „Settings -> General“ to see number of blocked attempts.
 * Tested up to WP 5.8
 * Added newsletter admin notice.
 * Code hardening.

#### 1.3

 * 2020/09/21
 * Cleaned up code
 * Added counter for number of times the pingback method was blocked.
 * Tested with WP 5.5.1
 * 28,595 downloads

#### 1.1

 * 2019/04/09
 * version bump

#### 1.0.0

 * First release

## Meta

 *  Version **1.6**
 *  Last updated **3 lěta**
 *  Active installations **8.000+**
 *  WordPress version ** 5.2 abo nowši **
 *  Tested up to **6.3.8**
 *  PHP version ** 5.6 abo nowši **
 *  Language
 * [English (US)](https://wordpress.org/plugins/remove-xmlrpc-pingback-ping/)
 * Tags
 * [ping](https://hsb.wordpress.org/plugins/tags/ping/)[pingback](https://hsb.wordpress.org/plugins/tags/pingback/)
   [xml-rpc](https://hsb.wordpress.org/plugins/tags/xml-rpc/)[xmlrpc](https://hsb.wordpress.org/plugins/tags/xmlrpc/)
 *  [Rozšěrjeny napohlad](https://hsb.wordpress.org/plugins/remove-xmlrpc-pingback-ping/advanced/)

## Pohódnoćenja

 3 out of 5 stars.

 *  [  3 5-star reviews     ](https://wordpress.org/support/plugin/remove-xmlrpc-pingback-ping/reviews/?filter=5)
 *  [  0 4-star reviews     ](https://wordpress.org/support/plugin/remove-xmlrpc-pingback-ping/reviews/?filter=4)
 *  [  0 3-star reviews     ](https://wordpress.org/support/plugin/remove-xmlrpc-pingback-ping/reviews/?filter=3)
 *  [  0 2-star reviews     ](https://wordpress.org/support/plugin/remove-xmlrpc-pingback-ping/reviews/?filter=2)
 *  [  3 1-star reviews     ](https://wordpress.org/support/plugin/remove-xmlrpc-pingback-ping/reviews/?filter=1)

[Your review](https://wordpress.org/support/plugin/remove-xmlrpc-pingback-ping/reviews/#new-post)

[See all reviews](https://wordpress.org/support/plugin/remove-xmlrpc-pingback-ping/reviews/)

## Sobuskutkowarjo

 *   [ cleverplugins ](https://profiles.wordpress.org/cleverplugins/)
 *   [ Lars Koudal ](https://profiles.wordpress.org/lkoudal/)

## Podpěra

Chceće něšto prajić? Trjebaće pomoc?

 [Forum pomocy pokazać](https://wordpress.org/support/plugin/remove-xmlrpc-pingback-ping/)