Disable XML-RPC

XML-RPC allows mobile apps and remote connections to publish to WordPress. If you don't want to be able to post remotely to your site, follow the steps below to improve your site security.

  1. You should always backup your site before making any changes.
  2. Access the File Manager for your hosting plan. ( Web Hosting / cPanel )
  3. Navigate to the folder in which WordPress is installed.
  4. Edit the .htaccess file.
  5. At the bottom of the .htaccess file, insert the following lines:
    <Files xmlrpc.php>
    Order Allow,Deny
    Deny from all
    </Files>
  6. Save the changes to your file.

You've now disabled access to the XML-RPC function and reduced the number of ways your site can be attacked.

More info


Was This Article Helpful?
Thanks for your feedback. To speak with a customer service representative, please use the support phone number or chat option above.
Glad we helped! Anything more we can do for you?
Sorry about that. Tell us what was confusing or why the solution didn’t solve your problem.