Is Stop XML-RPC Attacks free?

Yes, Stop XML-RPC Attacks is free to use. It is available as a free plugin on WordPress.org.

How many websites use Stop XML-RPC Attacks?

Stop XML-RPC Attacks has 6.0K+ active installations as tracked by WordPress.org.

What are the best Stop XML-RPC Attacks alternatives?

Popular alternatives to Stop XML-RPC Attacks include Cloudflare, Disable XML-RPC Pingback, Protection Against DDoS. You can compare them side-by-side on our comparison pages.

Does Stop XML-RPC Attacks work with the latest WordPress?

Stop XML-RPC Attacks has been tested up to WordPress 6.9.4. It requires WordPress 6.0+ and PHP 7.4+.

PluginSift

Stop XML-RPC Attacks

Name: Stop XML-RPC Attacks
Rating: 5 (4 reviews)
Author: Pascal CESCATO

Blocks dangerous XML-RPC methods while preserving Jetpack, WooCommerce, and mobile apps compatibility.

By Pascal CESCATO·Ddos·Free

5(4 reviews)

·6.0K+ active installs·Updated 3 months ago

Download Compare

As of April 2026, Stop XML-RPC Attacks is a WordPress ddos plugin with 6.0K+ active installations and a 5/5 rating from 4 reviews. It has been downloaded 27K+ times in total. Requires WordPress 6.0+ and PHP 7.4+. Available on WordPress.org since 2019. Downloads are down 42% this week. Top alternative: Cloudflare.

5/54 reviews

6.0K+active installs

27K+total downloads

7 yearssince 2019

Overview

Stop XML-RPC Attacks protects your WordPress site from XML-RPC brute force attacks, DDoS attempts, and reconnaissance probes while maintaining compatibility with essential services like Jetpack and WooCommerce.

Features:

Three security modes: Full Disable, Guest Disable, or Selective Blocking
Blocks dangerous methods: system.multicall, pingback.ping, and more
Compatible with Jetpack and WooCommerce
Optional user enumeration blocking
Attack logging for monitoring
Zero configuration required – works out of the box
Clean, intuitive admin interface

Read full description on WordPress.org

Ratings & Reviews

54 reviews

5 ★

4 ★

3 ★

2 ★

1 ★

Recent Reviews

Great

by Anonymous User 16344271·3 years ago·1 reply

Nice plugin thanks

Works silently

by Sandip Roy·4 years ago

It works silently in the background. This is the only security plugin I use, since a W***fence update broke my site about a year back. Gives me a peace of mind.

thanks

by baf285·4 years ago·1 reply

all good, thanks

Simplet et efficace

by lesgitesdusomail·6 years ago·1 reply

Tout est dans le titre. Reste à dire : Merci !

Download Trends

Today: 14Yesterday: 14This week: 98Period total: 8K

Compatibility

WordPress	6.0+ requiredTested up to 6.9.4
PHP	7.4+ required

Version Adoption

v2.0

67.0%

v1.0

33.0%

Top Alternatives to Stop XML-RPC Attacks

Cloudflare

3.5200K+ installsUpdated 3 months ago

View Compare

Disable XML-RPC Pingback

3.960K+ installsUpdated 4 months ago

View Compare

Protection Against DDoS

53.0K+ installsUpdated 5 years ago

View Compare

Eazy XMLRPC Pingback Disable

5800 installsUpdated 8 years ago

View Compare

Deactivate XML-RPC on WordPress

0200 installsUpdated 10 years ago

View Compare

View all ddos plugins →

Frequently Asked Questions

Changelog

2.0.0

Added admin interface with visual settings
Three security modes to choose from
Optional attack logging
Improved code quality and security
Full internationalization support

View full changelog on WordPress.org

Contributors

Pascal CESCATO

Plugin data sourced from WordPress.org. Analysis and metrics by PluginSift.

Stop XML-RPC Attacks

Blocks dangerous XML-RPC methods while preserving Jetpack, WooCommerce, and mobile apps compatibility.

By Pascal CESCATO·Ddos·Free

5(4 reviews)

·6.0K+ active installs·Updated 3 months ago

Download Compare

5/54 reviews

6.0K+active installs

27K+total downloads

7 yearssince 2019

Overview

Features:

Three security modes: Full Disable, Guest Disable, or Selective Blocking
Blocks dangerous methods: system.multicall, pingback.ping, and more
Compatible with Jetpack and WooCommerce
Optional user enumeration blocking
Attack logging for monitoring
Zero configuration required – works out of the box
Clean, intuitive admin interface

Read full description on WordPress.org

Ratings & Reviews

54 reviews

5 ★

4 ★

3 ★

2 ★

1 ★

Recent Reviews

Great

by Anonymous User 16344271·3 years ago·1 reply

Nice plugin thanks

Works silently

by Sandip Roy·4 years ago

It works silently in the background. This is the only security plugin I use, since a W***fence update broke my site about a year back. Gives me a peace of mind.

thanks

by baf285·4 years ago·1 reply

all good, thanks

Simplet et efficace

by lesgitesdusomail·6 years ago·1 reply

Tout est dans le titre. Reste à dire : Merci !