How to add this to protect my sites

  • I need to add this to protect against the pingback hack. Uh, must I create a plugin or is this just code added to a file? If the latter, which file? If the former, do I just name it whatever I want? Which file format?

    Update: A better way to block it is by creating a plugin that adds the following filter:

    add_filter( ‘xmlrpc_methods’, function( $methods ) {
    unset( $methods[‘pingback.ping’] );
    return $methods;
    } );

Viewing 5 replies - 1 through 5 (of 5 total)

  • You may be able to add this to your functions.php file. But, if your version of PHP does not support anonymous functions, it will cause an error.

    In that case, you can use this:

    add_filter( ‘xmlrpc_methods’, 'my_xmlrpc_filter');
function my_xmlrpc_filter( $methods ) {
   unset( $methods['pingback.ping'] );
   return $methods;
}
    Thread Starter SickSquirrel

    (@sicksquirrel)

    Thanks. Where in functions.php is that added?

    Anywhere that doesn’t cause an error.

    Thread Starter SickSquirrel

    (@sicksquirrel)

    Any hints where it won’t cause an error? Top? Bottom? If I do this it would be on a test site with one post. There wouldn’t be enough places to click to generate an error. I don’t do ping backs but if that is what I should test, I’ll learn. But if the error could show up elsewhere, I might not trigger it. I could break up my busy sites.

    Top or bottom or in the middle should work as long as you insert it inside a <?php . . . ?> block, either one that you already have, or a new one that you add.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘How to add this to protect my sites’ is closed to new replies.