kb: how-to
Plesk for Linux
ABT: Group B
Applicable to:
- Plesk for Linux
Question
How to disable XML-RPC for a WordPress instance hosted in Plesk?
Answer
- Login into Plesk
- Open WordPress > example.com > Fix vulnerabilities > Security Measures
- Select Block access to xmlrpc.php and click Secure
Comments
2 comments
Hi, I´ve got a domain with enabled proxy mode and PHP server by Apache and I´ve applied the directive in the Additional Nginx Directives but the result when visit https://www.mydomain.com/xmlrpc.php is:
XML-RPC server accepts POST requests only.
So, the xmlrpc.php file keeps being vulnerable. What cai I do?
Hello,
is it possible to switch off the xmlrpc.php via default and/or e.g. with the “plesk ext wp-toolkit wp-cli ” via the CLI ?
Unfortunately I couldn't find anything specific.
Please sign in to leave a comment.