![]() Some hosts get more aggressive though, as an open XML-RPC and a bad password is a recipe for “hacked WordPress site”. November 29th, 2023 MarsEdit 5.1 is now available on the MarsEdit site and on the Mac App Store. ![]() My favorite security plugin - iThemes Security - allows you to either disable XML-RPC completely, or to restrict it to one request at a time. MarsEdit 4, developed by Red Sweater Software, is a blog editing platform, allowing users to manage, create, edit and publish blog posts from their desktop. Couple that with the fact that a single XML-RPC request can contain multiple requests (anecdotally I’ve heard “hundreds”), so it’s a common way for hackers to try out lots of username / password combos without setting off the “failed login” warning flags. Free Content Management Software for Bloggers. For all other users the one-time purchase price is 59.95. The blogging app also collects some microposting panel enhancements (adding the ability to resize, add images, view character count, and more), updates Micro.blog character limits to match current standards, enables you to add multiple photos in Tumblr. For all other licensed MarsEdit 4 users, the upgrade fee is 29.95. Red Sweater Software has released MarsEdit 5.1 with support for Mastodon, enabling you to download, edit, and publish to any Mastodon service. XML-RPC “login failures” don’t necessarily get logged the same as actual “login page” login failures. This update is free for MarsEdit 4 users who purchased a license on or after June 1, 2022. Basically, in order to use the super-easy posting from a tool like MarsEdit it sends a request to your server like “here’s the username, here’s the password, here’s the post data”. You will have to ask the webhost - from speaking with my current webhost when I tired setting up Ulysses with remote posting, they block it due to security concerns…
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |