Menu
Tech.Hafism
  • Home
  • Joomla
  • News
  • Tutorial
  • WordPress
Tech.Hafism
how to disable xml rpc

How to Disable XML-RPC in WordPress

Posted on March 10, 2019March 28, 2019

XML-RPC was disabled by default previously for security reason. However, since WordPress 3.5, the service is enabled by default, and there is no options to turn it off in the CMS dashboard.

Luckily, there is ways to disable the XML-RPC service in WordPress.

What is XML-RPC?

XML-RPC is a remote procedure call (RPC) protocol which uses XML to encode its calls and HTTP as a transport mechanism. In simpler words, it is a service that allows you to connect and publish posts from third party platforms like mobile phones, WordPress mobile app, and Windows Live Writer.

If you are not using these platforms to post articles to your WordPress sites, then you might want to disable this XML-RPC service.

How to Disable XML-RPC with Plugin

Disable XML-RPC WordPress plugin by Philip Erb as claimed by the author is able to turn off the XML-RPC service running on WordPress 3.5 and above. Here is the steps to activate the plugin:

  1. Upload the disable-xml-rpc directory to the /wp-content/plugins/ directory in your WordPress installation.
  2. Activate the plugin through the ‘Plugins’ menu in WordPress
  3. XML-RPC is now disabled!
  4. To re-enable XML-RPC, just deactivate the plugin through the ‘Plugins’ menu.

Let us know if this plugin still works on latest WordPress version!

How to Disable XML-RPC with .htaccess

Pretty easy. Just paste the following code in your .htaccess file. In the configuration of Apache 2.2 (or 2.4 with the legacy access control syntax module enabled) you could do it by adding:

# Block WordPress xmlrpc.php requests
<Files xmlrpc.php>
    order deny,allow
    deny from all
    allow from 123.123.123.123
</Files>

Don’t forget to replace “allow from” IP address with yours.

Using Apache 2.4’s newer access control syntax, it will be:

<files xmlrpc.php>
    Require all denied
</files>

That’s all for now. Let us know your thoughts! 🙂

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Categories

  • Joomla
  • News
  • Tutorial
  • WordPress

Archives

  • March 2019
  • January 2019
  • November 2018
  • May 2012
  • March 2012

Recent Posts

  • How to Disable XML-RPC in WordPress
  • How to Redirect Old Domain to New Domain Permanently
  • How to Force Close Google Chrome Tab
  • List of Joomla Template Providers
  • Google Chrome Has Passed Internet Explorer to Be The World’s Most Popular Web Browser
©2022 Tech.Hafism | Powered by SuperbThemes & WordPress