Context Navigation

← Previous Change
Next Change →

functions.php

Timestamp:

01/11/2022 12:50:48 AM (3 years ago)

Author:

dd32

Message:

Login: Disable all XML-RPC methods on login.w.org, they aren't used and this might persuade some vulneravility scanners not to waste their time with invalid payloads.

File:

: 1 edited

sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-login/functions.php (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-login/functions.php

-                      r11409
+                      r11426
  * Disable the Core Language Selector on wp-login.php.
  */
+function wporg_login_disable_lang_switcher() {
+    add_filter( 'login_display_language_dropdown', '__return_false' );
+}
+add_action( 'login_init', 'wporg_login_disable_lang_switcher' );
+add_filter( 'login_display_language_dropdown', '__return_false' );
+/**
+ * Disable XML-RPC endpoints.
+ */
+add_filter( 'xmlrpc_methods', '__return_empty_array' );
 /**

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Making WordPress.org

Context Navigation

Changeset 11426 for sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-login/functions.php

Legend:

sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-login/functions.php

Download in other formats: