Forbid serverwide access to xmlrpc.php

the bug for pre file is fixed in 1.56.4

No what is the best solution? detailed please!
 
IMHO best solution for a server wide block without exceptions is the one which zEitEr gave in post #39.
Reason: This prevents the possibility for a user bypassing the block by accident by using a <Files *> deny,allow in a .htaccess file.
 
This should work in *.4.post:

Code:
        <Location ~ "/xmlrpc.php">
                Order allow,deny
                Deny from all
                ErrorDocument 403 "Sorry, you are not allowed to view this page!"
        </Location>


p.s. Confirmed: *.pre templates does not work on my end too, both for Nginx and Apache.

Hi guys , can i just get some extra info regarding this, Where exactly does the above info go , add does the user configs need to be rewritten or apache reinstalled etc etc

TY
 
Hello,

We use this:

Code:
        <Files xmlrpc.php>
            Order allow,deny
            Deny from all
            ErrorDocument 403 "Sorry, you are not allowed to view this page!"
        </Files>

it gives no page hit.

It works perfectly on my server. Thanks Alex! :)
 
Back
Top