- Популярные видео
- Авто
- Видео-блоги
- ДТП, аварии
- Для маленьких
- Еда, напитки
- Животные
- Закон и право
- Знаменитости
- Игры
- Искусство
- Комедии
- Красота, мода
- Кулинария, рецепты
- Люди
- Мото
- Музыка
- Мультфильмы
- Наука, технологии
- Новости
- Образование
- Политика
- Праздники
- Приколы
- Природа
- Происшествия
- Путешествия
- Развлечения
- Ржач
- Семья
- Сериалы
- Спорт
- Стиль жизни
- ТВ передачи
- Танцы
- Технологии
- Товары
- Ужасы
- Фильмы
- Шоу-бизнес
- Юмор
How to Disable XML-RPC in WordPress Safely | (With Plugin & Manually)
Hackers don’t always enter through your login page. In fact, nearly 50% of login attacks happen through a hidden door called XML-RPC.
- So, what is XML-RPC?
- How does it work?
- Why is it even there?
- And most importantly, should you disable it?
In this video, I’ll show you:
- What XML-RPC is
- Why it’s risky
- How to disable it using a plugin
- And how to block it manually
Let’s secure your WordPress site, one step at a time.
Detailed Article: https://www.wpbravo.com/how-to-disable-xmlrpc-in-wordpress/
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
Contact me
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
Mobile : +8801773355998 (WhatsApp available)
Email : hello@wpbravo.com
Website : https://www.wpbravo.com/contact/
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
✅ What is XML-RPC?
Think of XML-RPC like a remote control. It lets other apps or tools control your WordPress site from far away. Apps can use it to log in, publish posts, manage comments, and more.
It’s like giving them a way in… without using the regular login screen.
Now here’s the important part:
To make all this possible, WordPress uses a file called xmlrpc.php. This file is part of the core files in WordPress. If your site runs on WordPress, this file is already there, by default.
And that’s where the problem begins.
✅ Why XML-RPC is Risky
The xmlrpc.php file is always there. And it’s always open. Unless you block it. Hackers know this. They use it to brute force your site. That means, they try thousands of usernames and passwords, really fast.
All through xmlrpc.php.
And here’s the worst part…
They don’t even need to visit your login page. So, your login limit plugin? It doesn’t help here.
✅ Should I Disable It?
It depends. But for most people, yes, you should.
If you never use a mobile app to post on your site, If you don’t connect Jetpack, or other external tools, Then you don’t need xmlrpc.php. It just sits there, open to the world, waiting for trouble.
So, if you only log in through your browser, like Chrome or Firefox.
Then go ahead and disable it.
Your site will be safer.
✅ How Can I Disable It?
There are two easy ways:
1️⃣ Using a plugin
2️⃣ Doing it manually
Let’s go through both.
1. You can disable XML-RPC easily if you are a wordfence user. Wordfence allows users to disable XML-RPC authentication. If you don't use Wordfence go and install it now.
Do you want to know why? Know why: https://www.wpbravo.com/wordfence-review/
But if you don't want to use Worfence, you can do that using a small plugin called disable XML-RPC.
But if you don't want to use plugin at all. Nothing to worry about it. You can disable xmlrpc.php file manually with a like code.
The code is: Require all denied
But you have to put this code in .htaccess file following the rules.
As I am not allowed to write code in here, you should check that in your website. I have written step-by-step article.
That's all.
If you found this tutorial helpful, hit a thumbs up.
Видео How to Disable XML-RPC in WordPress Safely | (With Plugin & Manually) канала WPBravo
- So, what is XML-RPC?
- How does it work?
- Why is it even there?
- And most importantly, should you disable it?
In this video, I’ll show you:
- What XML-RPC is
- Why it’s risky
- How to disable it using a plugin
- And how to block it manually
Let’s secure your WordPress site, one step at a time.
Detailed Article: https://www.wpbravo.com/how-to-disable-xmlrpc-in-wordpress/
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
Contact me
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
Mobile : +8801773355998 (WhatsApp available)
Email : hello@wpbravo.com
Website : https://www.wpbravo.com/contact/
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
✅ What is XML-RPC?
Think of XML-RPC like a remote control. It lets other apps or tools control your WordPress site from far away. Apps can use it to log in, publish posts, manage comments, and more.
It’s like giving them a way in… without using the regular login screen.
Now here’s the important part:
To make all this possible, WordPress uses a file called xmlrpc.php. This file is part of the core files in WordPress. If your site runs on WordPress, this file is already there, by default.
And that’s where the problem begins.
✅ Why XML-RPC is Risky
The xmlrpc.php file is always there. And it’s always open. Unless you block it. Hackers know this. They use it to brute force your site. That means, they try thousands of usernames and passwords, really fast.
All through xmlrpc.php.
And here’s the worst part…
They don’t even need to visit your login page. So, your login limit plugin? It doesn’t help here.
✅ Should I Disable It?
It depends. But for most people, yes, you should.
If you never use a mobile app to post on your site, If you don’t connect Jetpack, or other external tools, Then you don’t need xmlrpc.php. It just sits there, open to the world, waiting for trouble.
So, if you only log in through your browser, like Chrome or Firefox.
Then go ahead and disable it.
Your site will be safer.
✅ How Can I Disable It?
There are two easy ways:
1️⃣ Using a plugin
2️⃣ Doing it manually
Let’s go through both.
1. You can disable XML-RPC easily if you are a wordfence user. Wordfence allows users to disable XML-RPC authentication. If you don't use Wordfence go and install it now.
Do you want to know why? Know why: https://www.wpbravo.com/wordfence-review/
But if you don't want to use Worfence, you can do that using a small plugin called disable XML-RPC.
But if you don't want to use plugin at all. Nothing to worry about it. You can disable xmlrpc.php file manually with a like code.
The code is: Require all denied
But you have to put this code in .htaccess file following the rules.
As I am not allowed to write code in here, you should check that in your website. I have written step-by-step article.
That's all.
If you found this tutorial helpful, hit a thumbs up.
Видео How to Disable XML-RPC in WordPress Safely | (With Plugin & Manually) канала WPBravo
WP Bravo WPBravo WordPress Bravo disable xml-rpc disable xml rpc in wordpress Disable xmlrpc in WordPress block xml-rpc disable xml-rpc in wordpress wordpress bug fix tutorial how to disable xml-rpc in wordpress wordpress tutorial xmlrpc wordpress tutorial for beginners how to disable xmlrpc.php in wordpress disable xmlrpc.php how to disable xmlrpc in wordpress what is xmlrpc.php in wordpress block xmlrpc block xml-rpc in wordpress wordpress security
Комментарии отсутствуют
Информация о видео
25 июля 2025 г. 19:21:01
00:04:23
Другие видео канала
WordPress Error Fixing | WP Bravo
FIX WordPress Password Issues with cPanel FAST!
Setting Up WordPress Site on NameCheap with Free Hosting
How to Reset WordPress Password from cPanel in 2024 #wordpresstutorial
$1000 eCommerce Website for Free
How to Fix a Hacked Website
WooCommerce Checkout Page Customization #woocommercetutorial
PHP Update Required / How to Update PHP Version in WordPress
How to Start a Free Blog and Make $1000/Month | Create a Free Blog Website
Capture Full Browser Screenshots Without Any Software
How Much Does It Cost to Build a WordPress Blog? | Complete Guide and Budget Breakdown
How to Save Changes on WordPress without Publishing #wordpresstutorial #wordpressblog #WPBravo
Create an eCommerce Website Using WooCommerce & Elementor
FREE Timeline in Elementor | No Plugin | No Codeing | Wordpress Tutorial
How to Fix White Screen of Death Error in WordPress (Step by Step)
WordPress Dark Mode 〣 WordPress Tutorial for Beginners 〣 WPBravo
Quick Fix: There has been a Critical Error on this Website | WordPress Fix
How to Create an Online Store Website Using WordPress
Fatal Error: Allowed Memory Size Exhausted in WordPress (Easy Fix) #wordpresstutorial
How to Install WordPress on cPanel 2024 | WordPress Tutorial For Beginners
