Namesco/Cheapnames/Simply and the XMLRPC.php saga

Now I don’t how many of the people who read this have a blog themselves or are considering getting one, but if you do . .  whatever you do don’t get one hosted at the above companies, because if you do, you will never ever be able to use the xmlrpc function that is embedded in WordPress, this function allows you to post images/text etc from other websites/apps into your WordPress blog.

When I first started blogging I did’nt know about xmlrpc, but as I began to have other sites where I posted things to do with my life, i.e. YouTube, Flickr and discovered that I could post from mobile apps on my iPhone and iPad, I began to realise what a fantastic function it was.

However when I attempted to start using this function on my WordPress Blog I discovered that it would’nt work, no matter what I did or how I did it, I just could’nt get anything to remotely post to my blog.

After much digging around on the net I discovered that possibly my hosting company was blocking this function within WordPress, so I decided to contact them, at first they informed me that this was not the case and that it must be something else.

So I went away and did some more digging on the internet and someone’s post on some long forgotted forum suggested that i make a copy of the xmlrpc.php file in wordpress and rename it to something else, which I duly did and then pointed my apps and websites to this newly created new named xmlrpc.php file and low and behold it worked, however some of the apps and websites I used were hardcoded to only use the xlmrpc.php file, so again I approached my hosting companys Tech Support explaining what I’d done and how I’d done it, and why of why was the original xmlrpc.php file not working, well they passed me about for a while and eventually I was told by someone that due to an expoilt in early WordPress installs they had decided to lockdown this file to stop their hosting servers being compromised.

So I went away and researched this exploit and found that it had been fixed and that the particular version of WordPress I was using was one of the ones where the exploit no longer existed.

With this news I went back to the Tech Support company and explained that my WordPress did’nt have this exploit and could they enable the function again . . .

Ohhh noooo we can’t do that sir, we’ve disabled it across all our hosting platforms/servers

Oh and why’s that I said

Well sir it seems not everyone’s as diligant as you are and some people are still running older versions of WordPress and because of that we can’t unlock the file to enable you to use it, so I’m afraid sir that theres nothing we can do to help you . . .

Anyway I’ve been having this arguement with them for the past few years now and I’m getting sick of it, in the 3 years I’ve argued with them, they could have got up off their arses and contacted all the people with outdated versions of WordPress and told them to update them, but guessing that would take brains, something which they don’t appear to have.

So today after recieving an email from them informing me that I had to change my email passwords for security reasons and that if I did’nt, they would change them automatically for me, I sent the following to their Technical Support Dept

Dear Technical Support,

I notice that you’ve recently sent me an email telling me to change the passwords on my email accounts, otherwise you will change them automatically.
Well how about you send a similar email to all your customers running outdated versions of WordPress, telling them that if they don’t update them you will disable their accounts, this way customers like myself will be able to use the XMLRPC function of wordpress, instead of continually having to listen to Support Technicians telling us that its been disabled locked down due to inconsiderate users not updating their versions of WordPress to a version that prevents the XMLRPC.php file from being exploited.
Come on Tech Support, pull your finger out and get with the programme, I’ve heard this same excuse from you for at least 3 years, so instead of blaming the customers because they have’nt updated, how about being security conscious like you are with email passwords and either notify those with older versions of WordPress that you’ll disable them unless they change or just migrate all those users with updated installs all onto one hosting server and then allow those customers to use the XLMRPC.php file.
I look forward to a response and the name and number of a Director of the company that I can complain to directly and perhaps reach some sort of solution.
regards
Vince a pissed off, sick to death of hearing excuses, probably soon to be an ex-customer of Namesco . . .

Now its just a case of waiting and seeing what they reply with. . . .

I’ll keep you posted

2 thoughts on “Namesco/Cheapnames/Simply and the XMLRPC.php saga

  1. well aparently Namesco have’t done anything yet since I am trying to solve the exact same problem. If people haven’t updated wordpress since this was a problem then the blog is dead. It doesn’t matter if it gets hacked.

    Not the first piece of Stupidity I have seen from them either

  2. Yep Namesco really don’t seem to care much for their active customers, I ended up moving over the GoDaddy, not the best company out their, but they do at least let you use the XMLRPC.php file and their WordPress installations make it easier for the uninitiated to update the WordPress versions.

    Good luck with Namesco and if you do go elsewhere feel free to let us know which Hosting Company you go with.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.