The following column WordPress Tutorial will introduce to you how to delete xmlrpc.php in WordPress to prevent DDOS attacks. I hope it will be helpful to friends in need!
Maybe many WordPress users don’t know what xmlrpc.php is. Simply put, it is the interface file provided by WordPress for clients such as mobile phones. In the early days of WordPress, this interface was It is the source of all evil. Although it has been upgraded many times, it is not very safe at present. Malicious programs will constantly try to scan this file, causing the host to run out of resources and become paralyzed. Many WP users have encountered similar warnings from host providers. " "Suspended due to resource consumption" has a lot to do with this interface.
Therefore, in order to prevent DDOS attacks and brute force cracking, if you do not link the mini program or publish articles offline, directly delete the xmlrpc.php file in the WordPress root directory. To be more prudent, you can clear the contents and keep an empty file. Will not affect normal WordPress operation.
Some codes on the Internet that disable the xmlrpc function just disable it and do not prevent the scanning of this file. In addition, every time you update the WP program, don't forget to delete it again.
Some people always askWordPressHow to optimize, this is the most basic one.
The above is the detailed content of About WordPress deleting xmlrpc.php to prevent DDOS attacks. For more information, please follow other related articles on the PHP Chinese website!