Stop XML-RPC Attacks
by Pascal CESCATO on WordPress.org
Blocks dangerous XML-RPC methods while preserving Jetpack, WooCommerce, and mobile apps compatibility.
(4)
Stop XML-RPC Attacks protects your WordPress site from XML-RPC brute force attacks, DDoS attempts, and reconnaissance probes while maintaining compatibility with essential services like Jetpack and WooCommerce.
Features:
- Three security modes: Full Disable, Guest Disable, or Selective Blocking
- Blocks dangerous methods: system.multicall, pingback.ping, and more
- Compatible with Jetpack and WooCommerce
- Optional user enumeration blocking
- Attack logging for monitoring
- Zero configuration required – works out of the box
- Clean, intuitive admin interface
Active installations6K+
Weekly downloads
66+69.23%
Version2.0.0
Last updated1/1/2026
WordPress version6.0
Tested up to6.8.3
PHP version7.4
Tags
Brute Forceddosjetpacksecurityxmlrpc
