WordPress Help

Disable XML-RPC

XML-RPC allows mobile apps and remote connections to publish to WordPress. If you don't want to be able to post remotely to your site, follow the steps below to improve your site security.

You should always backup your site before making any changes.
Access the File Manager for your hosting plan. ( Web Hosting / cPanel )
Navigate to the folder in which WordPress is installed.
Edit the .htaccess file.
At the bottom of the .htaccess file, insert the following lines:
```
<Files xmlrpc.php>
Order Allow,Deny
Deny from all
</Files>
```
Save the changes to your file.

You've now disabled access to the XML-RPC function and reduced the number of ways your site can be attacked.

More info

Return to Improve WordPress security.
For more information about our premium support for WordPress, please visit our WP Premium Support Catalog.

Was This Article Helpful?

Thanks for your feedback. To speak with a customer service representative, please use the support phone number or chat option above.

Glad we helped! Anything more we can do for you?

Sorry about that. Tell us what was confusing or why the solution didn’t solve your problem.

WordPress Help

Disable XML-RPC

More info

Looking for help?

Looking for help?

WordPress Help

Disable XML-RPC

More info

Community Related

XML-RPC Blocked

1 Replies

Latest posted a year ago

Export XML backup file from WP dashboard

1 Replies

Latest posted a year ago

How to Upload XML Sitemap on Managed Wordpress Hosting?

3 Replies

Latest posted a year ago

XML Sitemap Caching on Managed WordPress Hosting

2 Replies

Latest posted 3 years ago

Disable object caching in PHP

3 Replies

Latest posted 3 years ago

Don't see what you are looking for? Search the Community

Related Articles

Disable comments in WordPress

Disable WordPress plugins in the database

Disable trackbacks and pingbacks in WordPress

Disable external WordPress comment requests

Disable directory browsing

Looking for help?

Looking for help?