A Complete Guide on xmlrpc.php in WordPress (What It Is, Security Risks, How to Disable It)

A Complete Guide on xmlrpc.php in WordPress (What It Is, Security Risks, How to Disable It)

Author: Kinsta

Date: July 6, 2020 

Category: Performance, Security, Tips and tricks, Tutorials, Webhosting

wprssaggregator A Complete Guide on xmlrpc.php in WordPress (What It Is, Security Risks, How to Disable It)

The XML-RPC WordPress specification was developed to standardize communication between different systems, meaning that applications outside WordPress (such as other blogging platforms and desktop clients) could interact with WordPress.

Try a free demo

This specification has been a part of WordPress since its inception and did a very useful job. Without it, WordPress would have been in its own silo, separated from the rest of the internet.

However, xmlrpc.php has its downsides. It can introduce vulnerabilities to your WordPress site and has now been superseded by the WordPress REST API, which does

This is the first part of the original article by Kinsta.
Click here to read the full article in a new tab!


A Complete Guide on xmlrpc.php in WordPress (What It Is, Security Risks, How to Disable It)

World of WordPress is hosted by:

Servebolt: next level high performance hosting.

While others try to add more components to their hosting to make it go faster, we decided to build our hosting cloud fast from the ground up. We did so by stripping out everything we knew was deadweight.


toolset logo tag line white A Complete Guide on xmlrpc.php in WordPress (What It Is, Security Risks, How to Disable It)