How to Disable XMLRPC.PHP in WordPress

Jackson Dunagan

Digital Influencer, Speaker, & Founder of Bright Vessel | Bright Plugins | Bright Hosting | Co-Founder of Print Mavericks | Flawless WordPress management & plugins for eCommerce brands

Published Aug 21, 2020

A security audit we perform on every site we manage is the disabling of xmlrpc.php in WordPress.

What Is xmlrpc.php?

WordPress includes a feature called XML-RPC that enables data to be transmitted by HTTP and XML to encode the data. The issue with security is that it allows you to access a website from any custom admin software or mobile applications vs. using the browser.

How to disable XML-RPC with a Plugin

Fortunately for the non-techies, there is a free plugin that can do this for you.

Disable XML-RPC

Installation

Upload to the /wp-content/plugins/directory in the plugin panel.
Activate the plugin
Bam!, it is now disabled.

Click here to read the rest of the article.

To view or add a comment, sign in

How to Disable XMLRPC.PHP in WordPress

Jackson Dunagan

Digital Influencer, Speaker, & Founder of Bright Vessel | Bright Plugins | Bright Hosting | Co-Founder of Print Mavericks | Flawless WordPress management & plugins for eCommerce brands

A security audit we perform on every site we manage is the disabling of xmlrpc.php in WordPress.

What Is xmlrpc.php?

How to disable XML-RPC with a Plugin

More articles by Jackson Dunagan

Insights from the community

Others also viewed

A vulnerability in the LiteSpeed plugin for WordPress poses a risk to 5 million sites

[BUGFIX] Menu Dropdown Not Working On Mobile

Custom API Development of outside the usual WordPress custom post type data fetching

Disable the Admin Bar in WordPress

How To Change Login Error Message On WordPress Login Page?

WordPress 4.4.2 Security and Maintenance Release

Create a WordPress Plugin for adds a custom table to the WP Database

Basic Security for Access WordPress Plugin

How To Change Read More Button Text In WordPress Theme?

How to Fix the 500 Internal Server Error in WordPress

Explore topics

A security audit we perform on every site we manage is the disabling of xmlrpc.php in WordPress.

What Is xmlrpc.php?

How to disable XML-RPC with a Plugin

More articles by Jackson Dunagan

AI, Customer Journeys, Managed Hosting & BOGO Boosts!

Unlock Your WooCommerce Potential: Strategies for Success

SEO Is Dead: How Google's Pay-to-Play Model Has Changed the Game

WordPress News: Top 10 Recent WordPress Updates

SEO Is Dead: How Google's Pay-to-Play Model Has Changed the Game

The Digital Marketing Landscape in 2024

Black Friday in 2024: Insights, Trends, and Strategies for Success

How to Address ADA Website Compliance in 2025

10 Content Ideas for Your Small Business

Black Friday in 2024: Insights, Trends, and Strategies for Success

Insights from the community

Others also viewed

A vulnerability in the LiteSpeed plugin for WordPress poses a risk to 5 million sites

[BUGFIX] Menu Dropdown Not Working On Mobile

Custom API Development of outside the usual WordPress custom post type data fetching

Disable the Admin Bar in WordPress

How To Change Login Error Message On WordPress Login Page?

WordPress 4.4.2 Security and Maintenance Release

Create a WordPress Plugin for adds a custom table to the WP Database

Basic Security for Access WordPress Plugin

How To Change Read More Button Text In WordPress Theme?

How to Fix the 500 Internal Server Error in WordPress

Explore topics