Jetpack is a wonderful WordPress plugin offered by WordPress.com. It provides a lot of features but has one big fault: it relies on XMLRPC.
XMLRPC is a computer-to-computer communications method. The WordPress iPhone app uses it to allow you to administer your WordPress website or blog remotely from your iPhone or iPad. The big problem is that the XMLRPC code in WordPress is a big entry vector for hackers.
As a result, I recommend adding this code to the .htaccess file (located in the root folder of your website):
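<Files xmlrpc.php>
# Apache 2.2 access-control syntax; Apache 2.4 needs mod_access_compat for it, or use "Require all denied" instead.
Order Deny,Allow
Deny from all
</Files>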
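
To confirm the rule is in effect, every request to xmlrpc.php in the access log should be answered with 403, including requests from Jetpack and the mobile app. The script below is an added example, not part of the original post; it assumes Apache's combined log format, and the sample lines and the `xmlrpc_summary` / `still_served` names are constructed for illustration.

```python
import re
from collections import defaultdict

# Apache "combined" format: ip ident user [time] "METHOD path proto" status size ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

# Constructed sample lines (documentation IP ranges), not real traffic.
# The first two xmlrpc.php hits predate the rule; the last two follow it.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Mar/2024:10:00:01 +0000] "POST /xmlrpc.php HTTP/1.1" 200 420 "-" "curl/8.0"
203.0.113.7 - - [10/Mar/2024:10:00:02 +0000] "POST /xmlrpc.php HTTP/1.1" 200 420 "-" "curl/8.0"
198.51.100.20 - - [10/Mar/2024:10:00:05 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Mar/2024:10:05:00 +0000] "POST /xmlrpc.php HTTP/1.1" 403 199 "-" "curl/8.0"
198.51.100.20 - - [10/Mar/2024:10:06:00 +0000] "POST /blog/xmlrpc.php?x=1 HTTP/1.1" 403 199 "-" "ExampleClient/1.0"
not a log line
"""

def xmlrpc_summary(log_text):
    """Return {ip: {"denied": n, "served": n}} for requests to xmlrpc.php."""
    summary = defaultdict(lambda: {"denied": 0, "served": 0})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        path = m.group("path").split("?", 1)[0]  # drop any query string
        if not path.endswith("/xmlrpc.php"):
            continue
        key = "denied" if m.group("status") == "403" else "served"
        summary[m.group("ip")][key] += 1
    return dict(summary)

def still_served(log_text):
    """IPs that got a non-403 answer from xmlrpc.php, i.e. the rule did not apply."""
    return sorted(ip for ip, c in xmlrpc_summary(log_text).items() if c["served"])

if __name__ == "__main__":
    for ip, counts in sorted(xmlrpc_summary(SAMPLE_LOG).items()):
        print(ip, counts)
    print("served despite rule:", still_served(SAMPLE_LOG))
```

Run it over log lines written after the .htaccess change; any address reported by `still_served` means the rule is not being applied to that request path.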