CAll Us: +977 9851236800 Submit Ticket   Login

How to Disable XML-RPC in WordPress

XML-RPC is a remote procedure call which uses XML to to encode its calls and HTTP as a transport mechanism. XML-RPC can be called as a system which enable user to publish post from remote weblog client.

Though this function was added for user benefit, hacker or attacker try to send thousands of call to your server and try to make your website down. So if you are facing thousands of http request call, it would be beneficial to disable XML-RPC in WordPress.

We are going to mention Two ways with which you can disable your XML-RPC in WordPress

  1. Add the below code to your wp-config.php file.
    add_filter('xmlrpc_enabled', '__return_false');
  2. Add the below code .htaccess file.
     # Block WordPress xmlrpc.php requests
    order deny,allow
    deny from all
    allow from

    Using .htaccess you can allow your IP or particular IP and block rest of all.

Since, very few people use this system, it is better to turn it off.

About the Author

Leave a Reply