What is XML-RPC and How to Disable this in WordPress

What is XML-RPC ?

According to Wikipedia, In XML-RPC, a client performs an RPC by sending an HTTP request to a server that implements XML-RPC and receives the HTTP response. A call can have multiple parameters and one result. The protocol defines a few data types for the parameters and result. Some of these data types are complex. For example, you can have a parameter that is an array of five integers.

XML-RPC Diagram

For permission of access or publishing a blog in remote, it is necessary to enable XML-RPC.

In previous, there were security concerns with XML-RPC thus it was disabled by default. With the increasing use of mobile, this change was imminent. Your XML File with the PHP file is located on your web server. It is basically an API. You know, API can be used also be misused. I will show you a few ways to disable XML-RPC. With WordPress XML-RPC support, you can post your WordPress blog using many popular weblog clients. The XML-RPC system can be extended by the WordPress plugin to modify its behaviour.

Disable XML-RPC using .htaccess

It is a very easy process. At first, all you need to do is edit the .htaccess file associated with the WordPress site-you will find it in the home directory of the site and add the following code to the file:

.htaccess
# Disable xmlrpc.php requests
<files xmlrpc.php>
order deny,allow
deny from all
allow from 123.123.123.123
</files>

Disable XML-RPC using Plugin

Use a plugin to disable XML-RPC. There are a number of plugins out there that help you to disable XML-RPC functionality on WordPress sites but a lot of them are not active. The following plugin seems to be doing a good job at blocking the requests at the time of writing, based on user feedback. So, if you don’t want to use the recommended .htaccess method above you can give the following plugin a try.

By using Disable XML-RPC, you can disable XML-RPC very easily.It reacts as the same thing as the code above.

Some of the most well-known plugins that require XML-RPC can be found below:

  • WordPress Mobile App
  • JetPack
  • LibSyn
  • BuddyPress
  • Windows Live Writer

If you face any problem or have any question, share with us. Thank you.