Short tutorial on How to Disable XML-RPC in Wordpress.
The XML-RPC function was originally designed to be used an intranet
notification system for WordPress users. The primary purpose of the XML-RPC is to remote post the contents to WordPress from Mobile. Some plugins and third-party applications use XML-RPC to deliver content from their servers to your site. But, few use it to spam and hack the website. Hackers are using the XML-RPC function in WordPress for DDoS botnet attacks as well as Brute Force attacks.
In this short tutorial we will discuss on how to disable XML-RPC in wordpress. Follow the steps given below to disable XML-RPC section in a wordpress for performance and security optimization.
Step 1: Go to Filemanager → Public_html → wp-config.php file and add the below code and click on Save.
Step 2: Edit .htaccess file and add the below code and click on Save.
# START XML RPC BLOCKING
Deny from all
# FINISH XML RPC BLOCKING
Step 3: Go to Dashboard → Settings → Discussion
Step 4: Turn off trackbacks and pingback. As we have already installed a plugin for disabling comments click on the plugin configure settings.
Step 5: You have successfully disabled XML-RPC from your WordPress website.