Wordpress - Disable xmlrpc.php through .htaccess


Note: Wordpress version 5.0 and later would automatically have xmlrpc.php disabled. If you can, we recommend updating Wordpress to keep it up to date - please also note that if you are not familiar with updating Wordpress, we recommend seeking the advice of a website developer to assist you with this as there is a chance that your website is not compatible with the latest versions of Wordpress.


Step 1 - Edit your .htaccess file. We have a guide on doing this here.

84883b33e400ec4fdf43f06cfd8edcbc6427c47e?t=6cac12d884b9de91d5c25d7c04532110


Step 2 - Insert the following code into the top of your .htaccess file and Save.

<Files xmlrpc.php>
order deny,allow
deny from all
</Files>


For more tutorials on website development and Wordpress troubleshooting, view our List of Wordpress Guides.


Did you find this article useful?