xmlrpc

  • I have an xmlrpc.php hyperlink that shows as hidden and broken on all pages in the background of my WordPress sites.
    Wondering if we need it? I believe it’s in the htaccess folder and hoping there is a way to delete it if it is not necessary? Would prefer not to use a plugin.

    Found this code to hide/block it but it did not seem to work:

    # Block WordPress xmlrpc.php requests
    <Files xmlrpc.php>
    order deny,allow
    deny from all
    </Files>

    Have not had luck getting a hold of the theme developer. Please let me know any thoughts. Thank you!

    • This topic was modified 4 years, 5 months ago by Jan Dembowski. Reason: Moved to Fixing WordPress, this is not an Everything else WordPress topic

    The page I need help with: [log in to see the link]

Viewing 5 replies - 1 through 5 (of 5 total)
  • Moderator Yui

    (@fierevere)

    永子

    xmlrpc.php is used to access your site using XML-RPC protocol
    https://en.wikipedia.org/wiki/XML-RPC

    It is used for remote sites to request post data for embedding, notify your site about mentions of your site by others, used by remote publishing apps (such as WordPress APP for iOS/Android/…) and by some plugins, for example Jetpack.

    If you can disregard all mentioned functionality – you can block xmlrpc.php
    On the other hand – xmlrpc.php should not be mentioned in HTML-code of your pages, it is present in HTTP-headers only

    Thread Starter frankpag1

    (@frankpag1)

    Thank you! So based on your info – I think we can disregard it. What do you recommend is the best way to delete it? To your knowledge – do we have to go in to the htaccess folder? THANKS!!!!!

    Moderator Yui

    (@fierevere)

    永子

    Your htaccess code above should work
    You can check this article by wpengine for detailed info and more ways to disable XML-RPC : https://wpengine.com/resources/xmlrpc-php/

    Thread Starter frankpag1

    (@frankpag1)

    Thanks. Will dig in!

    Thread Starter frankpag1

    (@frankpag1)

    We went into our test site > cPanel and accessed the Public HTML file. We deleted the file named: XMLRPC.PHP

    Can it be this simple? Can you think of any reason why this should not be done. The site seems fine. Thanks again!

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘xmlrpc’ is closed to new replies.