Happy to report that I’m back to writing more about WordPress. Today, the WPMUDev blog published a new story of mine on the security tradeoffs involved in using the XML-RPC support in WordPress core.
XML-RPC and Why It’s Time to Remove it for WordPress Security
What’s the problem with XML-RPC?
You’ll learn about the reasons for and history of Remote Process Calls in WordPress and other blogging platforms. You’ll also learn how to protect your site if you happen to like some of the tools that use XML-RPC.
It’s not a fear-mongering story, with some practical advice, and a look to the not-too-distant future when the WordPress REST Application Programming Interface fixes this problem. Go check out the story. Participate in the discussion. Share the link with your networks. Let me know what you think, too.
Michael… do I as a user of wordpress who doesn’t understand a thing you said here need to worry?
well darn… Jetpack sort of comes with my hosting so I guess I’ll try iTthemes… or would it be better to dump jetpack… or maybe both?
I’ll do it… love free plugins that don’t ask a lot of me. Thanks again.
That article is helpful… or at least makes me think I learned something… thanks again.
😉