[wp-hackers] Is disabling remote client access a good idea?
Evil ZEN Scientist
martin at gonetoutah.com
Tue Jun 24 20:35:53 GMT 2008
So long as this is documented and part of the 'read this before you
upgrade' - then it's probably a reasonable change.
There have been a few people bitten in the past few upgrades by not
reading the readme.. I think the comment on getting a note in the
dashboard would be nice too.
Also Windows Live Writer uses the xmlrpc interface - that's free; and
works really well with WP.
Daniel Jalkut wrote:
> It recently came to my attention that WordPress is planning to disable
> the XMLRPC and AtomPub based interfaces by default in 2.6.
> This decision rubs me the wrong way, and I want to start a dialog here
> to see if others agree (or disagree for that matter!).
> My thoughts are, in summary, that this is a short-sighted attempt to
> prevent uncertain security risks, and has negative downsides that will
> affect WordPress users, remote app developers, and even has the
> potential to injure WordPress's reputation as an easy, elegant, and
> secure solution.
> I wrote more extensively on my blog:
> WIthin just a few minutes of writing this post and tweeting about it,
> I received several Twitter replies. Granted, these are people who are
> following me on Twitter and are therefore more likely to agree with
> and be sympathetic with my views. But I think it's worth considering
> the possibility that this is but a small indicator of how the public
> as a whole will react to the change when and if it goes public:
> fraserspeirs: @danielpunkass Implies a lack of confidence in their own
> code. Windows-esque.
> joemaller: @danielpunkass toggling a setting is easier than fixing the
> codebase. feels weak.
> aslakr: @danielpunkass WTF! That seems rather short sighted.
> onecrayon: @danielpunkass Screw that! Any way to give negative
> feedback on that change to WordPress?
> psionic: @danielpunkass Agree w/Jalkut: not only is disabling
> WordPress's WS by default a step backwards, the web UI should eat its
> own WS dogfood.
> I look forward to hearing the thoughts of others on this subject.
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
More information about the wp-hackers