Disable XML-RPC

Disable XML-RPC

What It Does

This module allows you to disable XML-RPC entirely or restrict it to specific IP addresses or applications. You can also choose to disable specific XML-RPC methods that are commonly exploited.

This module enhances the WordPress login and authentication system to prevent unauthorized access.

Why It Matters

When attackers want to hack into a WordPress site, they search for all available information.

Disclosing sensitive information makes it easier for attackers to find vulnerabilities and exploit them.

Protecting sensitive data prevents information disclosure that could be used against your website.

How to Use

Activate this module in the Sensitive Data section of SecuPress settings.

Once activated, you can choose to disable XML-RPC entirely or configure restrictions. If you use applications that require XML-RPC (such as mobile apps or remote publishing tools), you can configure the module to allow access only from specific IP addresses or applications.

Once activated, the module works automatically and provides protection for your website.

If you encounter any issues after activation, you can temporarily deactivate the module. The module will automatically remove its protection rules when deactivated.