How to Disable XML-RPC in WordPress with .htaccess?

How to Disable XML-RPC in WordPress with .htaccess? [EASY GUIDE]☑️

Here in this tutorial we will provide you information to make you learn how to disable XML-RPC WordPress file. The XMLRPC is a system that allows remote updates to WordPress from other applications.

Watch the video tutorial on How to Disable XML-RPC in WordPress with .htaccess

 

About | XML-RPC

In simple terms, XML-RPC is a feature on WordPress that enables you to send data from another device to your WordPress site. Using this feature, you can make a remote connection with your site using a smartphone. For instance, you can publish a post from the WordPress mobile app to your WordPress website.

So in technical terms, the xmlrpc.php file enables a remote procedure call that uses XML to encode the message to be sent over HTTP. Using this, you can exchange information between devices or computers across. When you send xmlrpc.php requests to your website, WordPress will authenticate the action with a username and password. This is a very basic security check and we do not recommend it for such processes.

All these factors contribute to making brute force attacks possible. A brute force attack is one wherein hackers use bots to try to guess your username and password. Because the xmlrpc.php file can handle large amounts of data, hackers can send a large number of passwords at a time. Not everyone will need xmlrpc.php turned on within WordPress for it to function properly.

In fact, a lot of you may never use this feature at all. If you’re worried about additional security issues, it’s in your best interest to disable this feature until you absolutely need it.

How to disable XML-RPC in WordPress

Now let’s begin with the manual method of disabling XML-RPC on your WordPress site:

Step::1 To access your WordPress files, login to your cPanel.

How to Disable XML-RPC in WordPress with .htaccess
Log into cPanel

Step::2 Under that, you can access ‘File Manager’.

How to Disable XML-RPC in WordPress with .htaccess
How to Disable XML-RPC in WordPress with .htaccess

Step::3 Next, in File Manager, your website’s folders should be under the folder named ‘public_html’. Here, you’ll see three main folders – wp-admin, wp-content, and wp-includes.

How to Disable XML-RPC in WordPress with .htaccess
How to Disable XML-RPC in WordPress with .htaccess

 

Step::4 You should see a file named ‘htaccess’ here. If you don’t, you can use the search bar on the top-right of the screen to look for it.

Tip: If your website has a .htaccess file but you can’t see it, visit settings and click on ‘show hidden files.’

How to Disable XML-RPC in WordPress with .htaccess
How to Disable XML-RPC in WordPress with .htaccess

Step::5 Open the .htaccess file by right-clicking and choosing ‘Edit’.

How to Disable XML-RPC in WordPress with .htaccess
How to Disable XML-RPC in WordPress with .htaccess

Step::6 To restrict access of XML-RPC, paste the following code to this file:

# Block WordPress xmlrpc.php requests
<Files xmlrpc.php>
order deny,allow
deny from all
allow from xxx.xxx.xxx.xxx
</Files>

Step::7 In the 5th line ‘allow from xxx.xxx.xxx.xxx’, replace the x’s with your IP address, if you would like to retain XML-RPC from a particular IP. Otherwise, you can simply delete this line.

Step::8 Click on Save Changes tab and close the file. The code disables XML-RPC.

How to Disable XML-RPC in WordPress with .htaccess
How to Disable XML-RPC in WordPress with .htaccess

Now that you’ve disabled the XML-RPC function in WordPress, you’ve made your Website one level more secure. But there are many more WordPress security measures you should implement in order to keep your website completely protected from hackers.

That’s all, You are done!!!

For more information, kindly follow us on social media like Twitter and Facebook and for video tutorials, subscribe to our YouTube channelhttps://youtube.com/redserverhost.com

Facebook Page- https://facebook.com/redserverhost

Twitter Page- https://twitter.com/redserverhost.com

If you have any query, feel free to let us know via the comments section below.

Thanks for Reading!!!

Tags: cheap linux hostingbuy linux hostingcheap reseller hostingbuy reseller hostingbest reseller hostingcheap web hostingcheapest web hostingcheapest reseller hosting,  cheap reseller hostcheap linux hostcheapest linux hostingbest linux hostingbest web hosting

Scroll to Top