Bobcares

Disable XML-RPC for a WordPress instance

by | Dec 12, 2022

Wondering how to disable XML-RPC for a WordPress instance? Our in-house experts are here to help you out with this article. Our WordPress Support team is here to offer a lending hand with your queries and issues.

Disable XML-RPC for a WordPress instance

The XMLRPC is a system that allows remote updates to WordPress from other applications.

While many things can be done at the coding level in WordPress, sometimes it’s just easier to use the right plugin.

Today, we’re going to use Manage XML-RPC. This plugin is simple and does the job to enable and disable the XMLRPC whenever you wish.

  • Firstly, In order to use this great little plugin you need to install and activate it from the plugins page in your WordPress admin dashboard.
  • After installing and activating the plugin, a new feature will appear in the left side of your WordPress admin panel called, “XML-RPC Settings.” Click this link to open the plugin.
  • Check the box to “Disable XML-RPC” if you want to remove the remote access abilities of WordPress. At any time, you can uncheck the box to re-enable it.
  • Once your selections have been made, click the “Save Changes” button on the bottom left of the screen.

Using the .htaccess File to Disable XMLRPC for a WordPress instance

 

It is simple using the .htaccess file to disable xmlrpc.php.

To use .htaccess to disable the xmlrpc.php function in WordPress you need to go to the root folder of your WordPress website using either FTP, or File Manager within your GreenGeeks account can also useful if you have it available.

Find and edit the .htaccess file. In some versions of cPanel, this file will be hidden.

You will need to set cPanel to view hidden files to access .htaccess.

To do this click on “Settings” in the top right of the File Manager and check the button that says “show hidden files.”

Click save and you will now see your .htaccess file.

Open the .htaccess file and add the following code:

[ht_message mstyle=”info” title=”” show_icon=”” id=”” class=”” style=”” ]# Block WordPress xmlrpc.php requests

order deny,allow
deny from all
allow from 123.123.123.123
[/ht_message]

Now “Save” the file. It’s that simple. Now, anything remote using XMLRPC.PHP will be denied.

Conclusion

In conclusion, our Support Engineers showed us steps to disable XML-RPC for a WordPress instance. Drop us a line in the comments if you face any trouble.

PREVENT YOUR SERVER FROM CRASHING!

Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.

GET STARTED

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Never again lose customers to poor
server speed! Let us help you.