Wordpress - Disable xmlrpc.php

  Print

Wordpress - Disable xmlrpc.php through .htaccess


NOTE: Wordpress version 5.0 and later would automatically have xmlrpc.php disabled, if you can, we recommend updating Wordpress to keep it up to date - please also note that if you are not familiar with updating Wordpress, we recommend seeking the advice of a website developer to assist you with this as there may be a chance that your website would not be compatible with the latest versions of Wordpress.

Step 1 - Login to your cPanel and go to File Manager, open up the folder which contains your Wordpress installation (usually in public_html).

Step 2 - Edit your .htaccess file - if it is not there, then you may need to enable hidden folders and files up the top right in File Manager.

84883b33e400ec4fdf43f06cfd8edcbc6427c47e?t=6cac12d884b9de91d5c25d7c04532110


Step 3 - Insert the following code into the top of your .htaccess file and Save.

<Files xmlrpc.php>
order deny,allow
deny from all
</Files>



Related Articles