WordPress URL Slugs and SEO
January 16, 2024WordPress.org vs. WordPress.com – What’s the difference?
March 12, 2025
What is XML-RPC?
XML-RPC is a protocol in WordPress. XML stands for eXtensible Markup Language and RPC stands for Remote Procedure Call. It standardizes the communication/connect between different systems so that different platforms can interact with WordPress. Despite being around on WordPress forever, there are still somethings about it that aren’t the best. Hackers have found ways to use it to their advantage. Having XML-RPC on your WordPress website makes your security vulnerable. It can even cause some viruses to appear. To overcome this, WordPress has come up with a new protocol called WordPress REST API. There are also many different security plugins that can assist as well.
GET IN TOUCH
Text us today about your website and technology needs!
How Do I Disable XML-RPC?
There are many different ways to disable XML-RPC. There is making changes to your .htaccess file or installing a plugin. We will go over each one.
Making Changes to Your .htaccess File
You just need to add a code to your file (CPanel or any other file manager is good). The code is:
- # Block WordPress xmlrpc.php requests
- <Files xmlrpc.php>
- order deny,allow
- deny from all
- allow from 123.123.123.123
- </Files>
Disable WordPress XML-RPC With a Code Snippet (Simplest)
Step One:
- For this one you will need to download the WordPress plugin called WPCode.
- After you install WPCode it should appear in your menu bar right underneath Setting.
Step Two:
- Next you’ll go to the plugin and click Add New at either the top of the new page or you can click +Add Snippet in the side menu bar under Code Snippets.
- Then you’ll need to scroll down to the bottom of this new page and click the Use snippet for Disable XML_RPC.
Step Three:
- The last thing you need to do is to switch the Activate button and click Update. After that everything should be good and you’re safer from hackers.
