In version 3.5 wordpress have enable by default publishing via the XML-RPC protocol to better serve people that use smartphones and want to be able to publish to their sites. As part of the change not only were the feature set to be active by default, but also the option to disable it was removed.
Since that point in time attackers have started to try and gain access to wordpress sites via the XML-RPC protocol.
This plugin will give you a control to determine if by default XML-RPC is enabled or disabled for all the sites of the network, while enabling the admin of a specific site to turn enable/disable it for that site.
The idea here is that while you might want to disable XML-RPC publishing by default, you might want to have the option to activate it per site on user demand, therefor improving the security without totally sacrificing functionality.
This plugin is for a multisite/network WordPress site. A non network version is available as a separate plugin.
Upon activation XML-RPC publishing is active for all sites to preserve backward compatibility with the WordPress default behavior.
Usage
The network wide settings are under the “Netwrok” >> “XML-RPC Publishing Control” menu
Individual site settings are under “Settings” >> “Writing” menu, under the “Remote publishing with XML-RPC” section
General Compatibility
wordpress version 3.5 and above
Localization
Supported in the code but no .po files are provided right now. i.e. you will have to do it yourself.
Current version
1.2
Support policy
Our plugins are designed to “just work” and they include the documentation required to get the max out of them. You are welcome to ask any “pre sale” question on this page, and we will gladly solve any bugs reported by you, on the bug report page, but we do no guaranty answers to general support question (for example how to control the size of the search box).