Should I disable XML-RPC on WordPress?

Steve32

Premium Member
Premium
Registered
Joined
Mar 15, 2014
Messages
116
Points
18
Should I deactivate XML-RPC on WordPress? I heard that XML-RPC is opening for brute force attacks, if yes, how to disable it in WordPress?
 

professorrosado

Well-known member
Registered
Joined
Aug 30, 2015
Messages
173
Points
0
WordPress v3.5 introduces the filter xmlrpc_enabled:

add_filter('xmlrpc_enabled', '__return_false');

You can add this code to your wp_config.php after the line require_once(ABSPATH . 'wp-settings.php'); if you want to disable XML-RPC for your site.
from here

Also, there are a few plugins in the plugin repository that do this for you or block access to it. Try that option.
 

michaelswengel

Member
Registered
Joined
Dec 10, 2015
Messages
39
Points
0
I have it disabled on my sites, but it depends on your needs.

If you're concerned about security (as you should be) check out iThemes Security or a similar plugin and get your site locked down from attack. It's protected mine from attack a few times.
 

LowEndXeon

Member
Registered
Joined
Dec 14, 2015
Messages
26
Points
0
I would, due to the very easy to access attack methods for the people who'd like to pay to get a site downed for about 600 seconds. Becomes a huge issue if they continue. I'd do it based on your needs on WordPress.
 
Older Threads
Replies
4
Views
3,141
Replies
6
Views
3,732
Replies
21
Views
10,913
Newer Threads
Replies
10
Views
3,110
Replies
7
Views
2,514
Replies
11
Views
3,325
Replies
8
Views
3,280
Latest Threads

Latest Hosting OffersNew Reviews

Sponsors

Tag Cloud

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.

Top