How to disable the Wordpress Pingback feature

The Wordpress plugin XML-RPC Pingback is used for tracking when your Wordpress blog pages are linked externally. Due to security problems with the implementation of the XML-RPC Pingback feature, CETS requires that all SEAS users disable this feature when using Wordpress. Follow the steps below to secure your Wordpress installation by disabling the feature.

Disabling XML-RPC pingback

  1. Log into the Wordpress admin panel for your Wordpress installation. If you see updates available, apply these before continuing.
  2. Hold your cursor over Plugins from the left-hand navigation menu and click Add New from the menu that appears.

    Add new WordPress plugin

  3. Type Disable XML-RPC Pingback in the search box and click Search.

    Search for plugin

  4. The top plugin listed in the results should be Disable XML-RPC Pingback.

    Plugin search results

  5. Click Install now, then Yes in response to the Do you really want to install? question.

    Installing plugin

  6. After Wordpress reports Successfully installed, click the Activate plugin link. Wordpress will confirm the change, as shown in the screenshot below.

    Activated plugin

That's it! Once you have installed and activate the plugin, the pingback feature will be disabled in your Wordpress installation. This makes your Wordpress site more secure by preventing attackers from leveraging the pingback feature to send spam pingbacks to other websites.

© Computing and Educational Technology Services