Wordpress - Disable xmlrpc.php


Wordpress - Disable xmlrpc.php through .htaccess

NOTE: Wordpress version 5.0 and later would automatically have xmlrpc.php disabled, if you can, we recommend updating Wordpress to keep it up to date - please also note that if you are not familiar with updating Wordpress, we recommend seeking the advice of a website developer to assist you with this as there may be a chance that your website would not be compatible with the latest versions of Wordpress.

Step 1 - Login to your cPanel and go to File Manager, open up the folder which contains your Wordpress installation (usually in public_html).

Step 2 - Edit your .htaccess file - if it is not there, then you may need to enable hidden folders and files up the top right in File Manager.


Step 3 - Insert the following code into the top of your .htaccess file and Save.

<Files xmlrpc.php>
order deny,allow
deny from all

Related Articles

  • Comments

Add Comment

Replying to