Forbid serverwide access to xmlrpc.php

shivahost

Verified User
Joined
Mar 7, 2013
Messages
205
the bug for pre file is fixed in 1.56.4

No what is the best solution? detailed please!
 

Richard G

Verified User
Joined
Jul 6, 2008
Messages
4,221
Location
Maastricht
IMHO best solution for a server wide block without exceptions is the one which zEitEr gave in post #39.
Reason: This prevents the possibility for a user bypassing the block by accident by using a <Files *> deny,allow in a .htaccess file.
 

ReN

Verified User
Joined
Jul 2, 2005
Messages
185
This should work in *.4.post:

Code:
        <Location ~ "/xmlrpc.php">
                Order allow,deny
                Deny from all
                ErrorDocument 403 "Sorry, you are not allowed to view this page!"
        </Location>

p.s. Confirmed: *.pre templates does not work on my end too, both for Nginx and Apache.
Hi guys , can i just get some extra info regarding this, Where exactly does the above info go , add does the user configs need to be rewritten or apache reinstalled etc etc

TY
 

frog9394

Verified User
Joined
Jun 27, 2008
Messages
6
Hello,

We use this:

Code:
        <Files xmlrpc.php>
            Order allow,deny
            Deny from all
            ErrorDocument 403 "Sorry, you are not allowed to view this page!"
        </Files>
it gives no page hit.
It works perfectly on my server. Thanks Alex! :)
 
Top