Wordpress - Disable xmlrpc.php


Wordpress - Disable xmlrpc.php through .htaccess

Note: Wordpress version 5.0 and later would automatically have xmlrpc.php disabled. If you can, we recommend updating Wordpress to keep it up to date - please also note that if you are not familiar with updating Wordpress, we recommend seeking the advice of a website developer to assist you with this as there is a chance that your website is not compatible with the latest versions of Wordpress.

Step 1 - Edit your .htaccess file. We have a guide on doing this here.


Step 2 - Insert the following code into the top of your .htaccess file and Save.

<Files xmlrpc.php>
order deny,allow
deny from all

For more tutorials on website development and Wordpress troubleshooting, view our List of Wordpress Guides.

Did you find this article useful?  

Related Articles

© Crucial