Should I disable XML-RPC on WordPress?

Steve32

Active member
Joined
Mar 15, 2014
Messages
210
Points
28
Should I deactivate XML-RPC on WordPress? I heard that XML-RPC is opening for brute force attacks, if yes, how to disable it in WordPress?
 

professorrosado

New member
Joined
Aug 30, 2015
Messages
236
Points
0
WordPress v3.5 introduces the filter xmlrpc_enabled:

add_filter('xmlrpc_enabled', '__return_false');

You can add this code to your wp_config.php after the line require_once(ABSPATH . 'wp-settings.php'); if you want to disable XML-RPC for your site.
from [URLnf="http://wpengineer.com/2484/xml-rpc-enabled-by-default-in-wordpress-3-5/"]here[/URLnf]

Also, there are a few plugins in the plugin repository that do this for you or block access to it. Try that option.
 

michaelswengel

New member
Joined
Dec 10, 2015
Messages
40
Points
0
I have it disabled on my sites, but it depends on your needs.

If you're concerned about security (as you should be) check out iThemes Security or a similar plugin and get your site locked down from attack. It's protected mine from attack a few times.
 

LowEndXeon

New member
Joined
Dec 14, 2015
Messages
36
Points
0
I would, due to the very easy to access attack methods for the people who'd like to pay to get a site downed for about 600 seconds. Becomes a huge issue if they continue. I'd do it based on your needs on WordPress.
 
Older threads
Replies
2
Views
8,487
Replies
11
Views
5,220
Replies
21
Views
7,145
Newer threads
Replies
9
Views
3,775
Replies
7
Views
2,999
Replies
10
Views
3,153
Replies
8
Views
2,665
Latest threads
Replies
1
Views
77
Replies
1
Views
174
Replies
4
Views
381
Replies
11
Views
523
Replies
2
Views
228

Latest postsNew threads

Referral contests

Referral link for :

Sponsors

Popular tags

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.

Top