Get Started

Don’t Get Hacked! How to Disable XML-RPC on WordPress in 5 Minutes

Learn how to disable XML-RPC in your WordPress site using code. This is done to enhance security and avoid attacks on your site.

by WPCodeBox

Watch on YouTube

Meet WPCodeBox: The Best Code Snippets Plugin for WordPress

faces

Join thousands of developers and agencies who are working better and faster using WPCodeBox

Get Started Now

XML-RPC was once useful in WordPress, but today it mostly creates security risks. Hackers use it to brute force logins or slow down sites.

To prevent this, you can disable XML-RPC with a simple snippet. Logged-out users will no longer be able to access the XML-RPC endpoint, and requests can be redirected to your homepage for extra security.

Below is the code snippet from the video used to disable XML-RPC:

add_filter('xmlrpc_enabled','__return_false');

add_action('init',function() {
    if(strpos($_SERVER['REQUEST_URI'],'xmlrpc.php') !== false) {
        wp_redirect(home_url()); 
        exit;
    }
});

Related Tutorials

Learn to Code Like a Pro in Just 10 Minutes (For WordPress Beginners)

By WPCodeBox

Don’t Get Hacked! How to Disable XML-RPC on WordPress in 5 Minutes

By WPCodeBox

Meet WPCodeBox IDE: The Online IDE Built for WordPress

By WPCodeBox

Put This Code in WordPress and Make the Admin Bar Disappear!

By WPCodeBox

How to Allow SVG Uploads in WordPress with Simple Code Snippet

By WPCodeBox

Build Safer WordPress Sites: Disable REST API Access for Guests

By WPCodeBox

WPCodeBox is a WordPress Code Snippets Manager that allows you to share your WordPress Code Snippets across your sites.

Main

Home Pricing Blog About Us

More

Roadmap Releases WPCodeBin Actions & Filters Playground Affiliate Program

Help

Contact Documentation Videos

© WPCodeBox

Terms of Service Privacy