{"id":118869,"date":"2025-09-02T13:41:56","date_gmt":"2025-09-02T06:41:56","guid":{"rendered":"https:\/\/tino.vn\/blog\/?p=118869"},"modified":"2025-09-02T13:42:41","modified_gmt":"2025-09-02T06:42:41","slug":"xmlrpc-php-trong-wordpress-la-gi","status":"publish","type":"post","link":"https:\/\/tino.vn\/blog\/xmlrpc-php-trong-wordpress-la-gi\/","title":{"rendered":"xmlrpc.php WordPress l\u00e0 g\u00ec? H\u01b0\u1edbng d\u1eabn t\u1eaft xmlrpc.php \u0111\u1ec3 b\u1ea3o m\u1eadt website"},"content":{"rendered":"\n

B\u1ea1n c\u00f3 bao gi\u1edd t\u1ef1 h\u1ecfi t\u1ea1i sao website WordPress<\/a> c\u1ee7a m\u00ecnh ho\u1ea1t \u0111\u1ed9ng ch\u1eadm ho\u1eb7c d\u1ec5 b\u1ecb t\u1ea5n c\u00f4ng? M\u1ed9t trong nh\u1eefng nguy\u00ean nh\u00e2n c\u00f3 th\u1ec3 \u0111\u1ebfn t\u1eeb xmlrpc.php \u2013 m\u1ed9t t\u00ednh n\u0103ng h\u1ed7 tr\u1ee3 k\u1ebft n\u1ed1i t\u1eeb xa nh\u01b0ng c\u0169ng l\u00e0 c\u00e1nh c\u1eeda \u0111\u1ec3 hacker t\u1ea5n c\u00f4ng. V\u1eady xmlrpc.php trong WordPress l\u00e0 g\u00ec? H\u00e3y c\u00f9ng Tino t\u00ecm hi\u1ec3u ngay qua b\u00e0i vi\u1ebft d\u01b0\u1edbi \u0111\u00e2y b\u1ea1n nh\u00e9!<\/strong><\/p>\n\n\n\n

<\/a>xmlrpc.php trong WordPress l\u00e0 g\u00ec?<\/h2>\n\n\n\n

xmlrpc.php l\u00e0 m\u1ed9t t\u1ec7p trong WordPress cho ph\u00e9p website c\u1ee7a b\u1ea1n k\u1ebft n\u1ed1i v\u00e0 giao ti\u1ebfp t\u1eeb xa v\u1edbi c\u00e1c \u1ee9ng d\u1ee5ng b\u00ean ngo\u00e0i. Th\u00f4ng th\u01b0\u1eddng, t\u1ec7p n\u00e0y s\u1ebd \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng \u0111\u1ec3 g\u1eedi v\u00e0 nh\u1eadn d\u1eef li\u1ec7u gi\u1eefa WordPress c\u0169ng nh\u01b0 c\u00e1c n\u1ec1n t\u1ea3ng kh\u00e1c, nh\u01b0 \u1ee9ng d\u1ee5ng di \u0111\u1ed9ng, ph\u1ea7n m\u1ec1m vi\u1ebft blog t\u1eeb xa (nh\u01b0 Open Live Writer) ho\u1eb7c c\u00e1c d\u1ecbch v\u1ee5 t\u1ef1 \u0111\u1ed9ng h\u00f3a.<\/p>\n\n\n

\n
\"xmlrpc.php
xmlrpc.php trong WordPress l\u00e0 g\u00ec?<\/strong><\/figcaption><\/figure>\n<\/div>\n\n\n

<\/p>\n\n\n\n

Tr\u01b0\u1edbc khi REST API ra \u0111\u1eddi, xmlrpc.php l\u00e0 gi\u1ea3i ph\u00e1p ch\u00ednh gi\u00fap WordPress c\u00f3 th\u1ec3 ho\u1ea1t \u0111\u1ed9ng v\u1edbi c\u00e1c h\u1ec7 th\u1ed1ng b\u00ean ngo\u00e0i. Tuy nhi\u00ean, do c\u00f3 nhi\u1ec1u l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt, xmlrpc.php c\u0169ng l\u00e0 m\u1ee5c ti\u00eau ph\u1ed5 bi\u1ebfn c\u1ee7a hacker \u0111\u1ec3 t\u1ea5n c\u00f4ng DDoS<\/a>, Brute Force v\u00e0 c\u00e1c h\u00ecnh th\u1ee9c x\u00e2m nh\u1eadp kh\u00e1c. V\u00ec v\u1eady, nhi\u1ec1u qu\u1ea3n tr\u1ecb vi\u00ean website th\u01b0\u1eddng v\u00f4 hi\u1ec7u h\u00f3a xmlrpc.php \u0111\u1ec3 t\u0103ng c\u01b0\u1eddng b\u1ea3o m\u1eadt.<\/p>\n\n\n\n

<\/a>M\u1ee5c \u0111\u00edch s\u1eed d\u1ee5ng c\u1ee7a xmlrpc.php trong WordPress<\/h2>\n\n\n\n

xmlrpc.php l\u00e0 m\u1ed9t giao th\u1ee9c \u0111\u01b0\u1ee3c ph\u00e1t tri\u1ec3n t\u1eeb nh\u1eefng n\u0103m 1998, cho ph\u00e9p truy\u1ec1n d\u1eef li\u1ec7u gi\u1eefa c\u00e1c h\u1ec7 th\u1ed1ng kh\u00e1c nhau th\u00f4ng qua m\u1ea1ng Internet.<\/p>\n\n\n\n

Khi WordPress ra \u0111\u1eddi v\u00e0o n\u0103m 2003, xmlrpc.php \u0111\u00e3 \u0111\u01b0\u1ee3c t\u00edch h\u1ee3p \u0111\u1ec3 gi\u00fap website c\u00f3 th\u1ec3 k\u1ebft n\u1ed1i v\u1edbi c\u00e1c d\u1ecbch v\u1ee5 b\u00ean ngo\u00e0i, nh\u1ea5t l\u00e0 trong b\u1ed1i c\u1ea3nh Internet l\u00fac \u0111\u00f3 ch\u01b0a c\u00f3 c\u00e1c API hi\u1ec7n \u0111\u1ea1i nh\u01b0 ng\u00e0y nay. Nh\u1edd xmlrpc.php, ng\u01b0\u1eddi d\u00f9ng c\u00f3 th\u1ec3:<\/p>\n\n\n\n