In WordPress the XML-RPC protocol is used to add additional functionality to WordPress.
Starting with WordPress 3.5 you can't disable xmlrpc.php requests by default.
Most WordPress users don't need the XML-RPC functionality for their site. If you've been getting a lot of POST attempts to the WordPress xmlrpc.php file it's generally best to restrict access to this file to only certains services that might need it.
These services include the WordPress mobile app as well as Blogger.
You can easily limit access to your WordPress xmlrpc.php file with these .htaccess rules:
# Block WordPress xmlrpc.php requests <Files xmlrpc.php> order deny,allow deny from all allow from 123.123.123.123 </Files>
If you wanted to outright block all access to the xmlrpc.php script, just don't add the allow line above with the IP address that has access.
| Email: | support@WebHostingHub.com | Ticket: | Submit a Support Ticket |
|---|---|---|---|
| Call: |
877-595-4HUB (4482) 757-416-6627 (Intl.) |
Chat: | Click To Chat Now |
We value your feedback!
There is a step or detail missing from the instructions.
The information is incorrect or out-of-date.
It does not resolve the question/problem I have.
new! - Enter your name and email address above and we will post your feedback in the comments on this page!