How to Disable XML-RPC in WordPress?

What is XML-RPC in WordPress?

XML-RPC protocol permits programs to make function or procedure calls across a network. In reference to WordPress, it allows sending your blog data to other networks.

This is by default enabled on all WordPress installation by default. If you are using Mobile Application, then xmlrpc.php is responsible for connecting your mobile App to your WordPress installation.

Do I need XML-RPC functionality?

I believe no. XML-RPC by default a target method to attack your site and it’s one of the security liability.

On Crunchify we have disabled XML-RPC.

xml rpc is not enabled on crunchify.com and pro.crunchify.com

There are two ways you could disable it?

Option-1.

Add below filter to your theme’s functions.php file and it will be disabled.

add_filter( 'xmlrpc_enabled', '__return_false' );

Option-2.

Download plugin All-in-One Optimizer and Customer.
Enable option Disable XML-RPC option from Performance Tweaks tab.

Disable XML RPC using All in One Optimizer and Customizer

Hope this helps.

Get All-in-One Optimizer & Customizer

Simplest, most powerful, super light weight All-in-One WordPress plugin for all! 50+ Optimization, Customization & Webmaster Options in one single plugin. 🥳

Download

Join the Discussion

If you liked this article, then please share it on social media. Still have any questions about an article, leave us a comment.

How to Disable XML-RPC in WordPress?

What is XML-RPC in WordPress?

Do I need XML-RPC functionality?