[wp-hackers] Is disabling remote client access a good idea?

Dan Coulter dan at dancoulter.com
Wed Jun 25 04:19:32 GMT 2008

On Tue, Jun 24, 2008 at 10:52 PM, Daniel Jalkut <jalkut at red-sweater.com>

> When you consider the number of distinct HTTP POST access points into a
> typical WordPress blog, all secured by a cookie-type authentication, it
> makes the SINGLE POINT access via the xmlrpc.php URL seem rather easy to
> manage and to secure, by comparison.

Most (possibly all) of POST calls on the admin side are also secured with a

Dan Coulter

Hey, I got nothing to do today but smile
-Simon and Garfunkel

More information about the wp-hackers mailing list