Should I disable XML-RPC on WordPress?

Steve32

Premium Member
Premium
Registered
Joined
Mar 15, 2014
Messages
111
Points
18
Should I deactivate XML-RPC on WordPress? I heard that XML-RPC is opening for brute force attacks, if yes, how to disable it in WordPress?
 

professorrosado

Well-known member
Registered
Joined
Aug 30, 2015
Messages
173
Points
0
WordPress v3.5 introduces the filter xmlrpc_enabled:

add_filter('xmlrpc_enabled', '__return_false');

You can add this code to your wp_config.php after the line require_once(ABSPATH . 'wp-settings.php'); if you want to disable XML-RPC for your site.
from here

Also, there are a few plugins in the plugin repository that do this for you or block access to it. Try that option.
 

michaelswengel

Member
Registered
Joined
Dec 10, 2015
Messages
39
Points
0
I have it disabled on my sites, but it depends on your needs.

If you're concerned about security (as you should be) check out iThemes Security or a similar plugin and get your site locked down from attack. It's protected mine from attack a few times.
 

LowEndXeon

Member
Registered
Joined
Dec 14, 2015
Messages
26
Points
0
I would, due to the very easy to access attack methods for the people who'd like to pay to get a site downed for about 600 seconds. Becomes a huge issue if they continue. I'd do it based on your needs on WordPress.
 
Older Threads
Replies
4
Views
2,928
Replies
6
Views
3,421
Replies
21
Views
9,858
Newer Threads
Replies
10
Views
2,915
Replies
7
Views
2,335
Replies
11
Views
3,117
Replies
8
Views
3,003
Latest Threads
Replies
0
Views
14
Replies
1
Views
20
Replies
2
Views
38
Recommended Threads
Replies
4
Views
1,487
Replies
8
Views
1,950
Replies
19
Views
16,870

Latest postsNew threads

Latest Hosting OffersNew Reviews

Sponsors

Tag Cloud

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.

Top