Skip to:

RSS feed vulnerability

  • I have some forums in a members only section of my wordpress site and I have noticed that the rss feeds are not protected and can be viewed by anyone who know the link. Is there a setting anywhere to change this or an option to turn them off?

Viewing 4 replies - 1 through 4 (of 4 total)
  • I have commented out bbp_display_topics_feed_rss2 in bbp-topic-functions and bbp_display_reply_feed_rss2 in bbp-reply-functions so the rss feeds now seem to be disabled.

    Is this going to break any other functionality at all?

    John James Jacoby


    How did you go about protecting your ‘members only’ section of your site? You’ll want to apply that same logic to feeds as well. If there is a core bbPress bug causing this, please open a trac ticket to discuss.

    I am using the “more privacy options” plugin to control blog privacy and I am guessing the limitation is with the plugin, as it does not protect uploaded media either. Does anyone know of any other privacy plugins that may help me resolve this?

    The fast way to remove feed is use redirect, try redirect using cpanel for anything contain word ‘feed’. That the temporary solutions before any correct problem solver found.

Viewing 4 replies - 1 through 4 (of 4 total)
  • You must be logged in to reply to this topic.
Skip to toolbar