Authentication and xmlrpc log writer for WordPress Plugin Directory
Authentication and xmlrpc log writer is a WordPress app, with a 5.0 average rating from 1 reviews, as of July 9, 2026.
Authentication and xmlrpc log writer is a WordPress Plugin Directory app by Federico Rota. With a rating of 5.0★ from 1 reviews.
AppRanks verdict
Generated from live marketplace data — refreshed daily
Authentication and xmlrpc log writer is a category-leading WordPress app with a limited review volume. It is listed in the Security category on WordPress Plugin Directory, which AppRanks treats as the canonical taxonomy node for ranking and competitor comparison. 1 reviews put it in the early-traction tier — useful for early-stage stores willing to be on the leading edge. Early-traction review counts are sensitive to single launch periods or feature events, so a 30-day re-check before bigger commitments often resolves whether the trend is sustained. Paid-only pricing means evaluating fit on the marketplace listing or via the developer's documentation before installing. AppRanks tracks rating, review count, pricing tier, and category position daily — the figures on this page reflect the most recent scrape from the canonical WordPress Plugin Directory listing.
Pros
- +High average rating (5.0★) signals consistent merchant satisfaction
- +Published by Federico Rota — established developer track record
Cons
- −Limited review base (1) — ratings can shift significantly with new feedback
Looking to switch from Authentication and xmlrpc log writer?
See Authentication and xmlrpc log writer's alternatives ranked by audit score, rating, and review velocity.
How Authentication and xmlrpc log writer works
Show full descriptionShow less
This plugin writes the log of failed access attempts (brute force attack) and invalids pingbacks requests ( by xmlrpc.php ). Very useful to process data via fail2ban.
You can activate the log for each pingback request feature and stop the user enumeration method (by redirecting to the home) with log.
If activated it remove the wordpress version number and meta generator in the head section of your site.
If activated it disable xmlrpc methods that require authentication, in order to avoid brute force attack by xmlrpc. Use this feature if you don’t need these xmlrpc methods.
If activated can kill multiple requests in a single xmlrpc call returning a 401 code on xmlrpc login error. This feature may be useful to prevent server overloading on brute force attack by xmlrpc.
You can also view your CUSTOM error log in the admin panel.
You can write error by
SYSLOG
APACHE ERROR_LOG
CUSTOM a custom error log file (the used path need to be writable or APACHE ERROR LOG wil be used)
Log examples
SYSLOG
Dec 17 14:21:02 webserver wordpress(`SERVER_HTTP_HOST`)[2588]: Authentication failure on [`WORDPRESS_SITE_NAME`] for `USED_LOGIN` from `111.222.333.444` Dec 17 14:21:02 webserver wordpress(`SERVER_HTTP_HOST`)[2588]: Pingback error `IXR_ERROR_CODE` generated on [`WORDPRESS_SITE_NAME`] from `111.222.333.444` Dec 17 14:21:02 webserver wordpress(`SERVER_HTTP_HOST`)[2588]: Pingback requested for `PINGBACK_URL` generated on [`WORDPRESS_SITE_NAME`] from `111.222.333.444` Dec 17 14:21:02 webserver wordpress(`SERVER_HTTP_HOST`)[2588]: User enumeration attempt generated on [`WORDPRESS_SITE_NAME`] from `111.222.333.444`
APACHE
[Thu Dec 17 14:23:33.662339 2015] [:error] [pid 2580:tid 140001350244096] [client 111.222.333.444:52599] wordpress(`SERVER_HTTP_HOST`) Authentication failure on [`WORDPRESS_SITE_NAME`] for `USED_LOGIN` from `111.222.333.444`, referer: SITE_ADDRESS/wp-login.php [Thu Dec 17 14:23:33.662339 2015] [:error] [pid 2580:tid 140001350244096] [client 111.222.333.444:52599] wordpress(`SERVER_HTTP_HOST`) Pingback error `IXR_ERROR_CODE` generated on [`WORDPRESS_SITE_NAME`] from `111.222.333.444`, referer: SITE_ADDRESS/xmlrpc.php [Thu Dec 17 14:23:33.662339 2015] [:error] [pid 2580:tid 140001350244096] [client 111.222.333.444:52599] wordpress(`SERVER_HTTP_HOST`) Pingback requested for `PINGBACK_URL` generated on [`WORDPRESS_SITE_NAME`] from `111.222.333.444`, referer: SITE_ADDRESS/xmlrpc.php [Thu Dec 17 14:23:33.662339 2015] [:error] [pid 2580:tid 140001350244096] [client 111.222.333.444:52599] wordpress(`SERVER_HTTP_HOST`) User enumeration attempt generated on [`WORDPRESS_SITE_NAME`] from `111.222.333.444`
CUSTOM
[Thu Dec 17 14:25:34.000000 2015] wordpress(`SERVER_HTTP_HOST`) Authentication failure on [`WORDPRESS_SITE_NAME`] for `USED_LOGIN` from `111.222.333.444` [Thu Dec 17 14:25:34.000000 2015] wordpress(`SERVER_HTTP_HOST`) Pingback error `IXR_ERROR_CODE` generated on [`WORDPRESS_SITE_NAME`] from `111.222.333.444` [Thu Dec 17 14:25:34.000000 2015] wordpress(`SERVER_HTTP_HOST`) Pingback requested for `PINGBACK_URL` generated on [`WORDPRESS_SITE_NAME`] from `111.222.333.444` [Thu Dec 17 14:25:34.000000 2015] wordpress(`SERVER_HTTP_HOST`) User enumeration attempt generated on [`WORDPRESS_SITE_NAME`] from `111.222.333.444`
fail2ban configuration See the FAQ section
Log viewer Log viewer is available only in CUSTOM mode. Note: the log path and the file must exist.
Localization
English (default) – always included
Italian – since 1.1.3 version
Translations
English – default, always included
Italiano – disponibile dalla versione 1.1.3
Note: Feel free to translate this plugin in your language. This is very important for all users worldwide. So please contribute your language to the plugin to make it even more useful. For translating I recommend the “Poedit Editor”.
Category rankings
As of Jul 9, 2026- Authentication logger#0of 1Top 1%
- Brute Force#0of 30Top 1%
- Fail2ban#0of 8Top 1%
- Security#0of 635Top 1%
- Xmlrpc hack#0of 1Top 1%
See 90-day rank history for each category
Track daily rank changes, category shifts, and position volatility.
Competitors & alternatives
Authentication and xmlrpc log writerdoesn't have curated competitor matchups yet. Other tracked security apps on WordPress:
Where Authentication and xmlrpc log writer stands in the Security category
Authentication and xmlrpc log writer ranks #0 of 635 apps in the Security category, placing it in the top 1% of the listing.
Frequently asked questions
What is Authentication and xmlrpc log writer?
Authentication and xmlrpc log writer is an app for WordPress. It currently holds a 5.0-star rating from 1 merchant review, and AppRanks has been tracking its public marketplace data on a daily refresh cycle. It is listed under the Security category on AppRanks, where you can see its current category position, review-velocity trend, and how it compares against the top alternatives in the same space. Developed by Federico Rota.
Who uses Authentication and xmlrpc log writer?
Currently around 70 active stores have installed Authentication and xmlrpc log writer. Its review base is still building, which usually maps to early-stage merchants and stores piloting a new workflow. It is part of the Security category on WordPress.