This presentation, originally given at the WordPress Orlando Meetup on April 8th, 2014, is a basic tutorial on how to stop the XML-RPC hack in WordPress using just a few lines of code.
3. • Allows WordPress to
post on your behalf
• Allows access to
WordPress clients
• Allows for ping backs
and trackbacks
What is XML-RPC?
4. • Hijacks your website
without your knowledge
• Uses your site for a DDoS
attack
• Potentially gets your
domain labelled as a
spammer
Why is it dangerous?
5. • Add a filter to
functions.php
• Prevent access to
XMLRPC.php
using .htaccess
• Use a plugin
How do you stop it?