Applicable to:
- Plesk for Linux
Question
How to disable XML-RPC for WordPress?
Answer
-
Add the following additional nginx directives in Domains > example.com > Apache & nginx Settings:
CONFIG_TEXT: location = /xmlrpc.php {
deny all;
}
if (!-e $request_filename) {
set $test P;
}
if ($uri !~ ^/(plesk-stat|webstat|webstat-ssl|ftpstat|anon_ftpstat|awstats-icon|internal-nginx-static-location)) {
set $test "${test}C";
}
if ($test = PC) {
rewrite ^/(.*)$ /index.php?$1;
}These directives will block requests to WordPress XML-RPC and process WordPress permalinks correctly.
-
Add the following additional nginx directives in Domains > example.com > Apache & nginx Settings:
CONFIG_TEXT: location /xmlrpc.php {
deny all;
}This directive will block requests to WordPress XML-RPC.
Warning: not confirmed solution for apache-only:
Note: Disable all XML-RPC functionality can cause security issues and is not recommended.
-
Navigate to Domains > example.com > File Manager and open the file .htaccess file in the root directory of the WordPress installation
-
Add the following code at the top of the file:
CONFIG_TEXT: <files xmlrpc.php>
Order allow,deny
Deny from all
</files>
Comments
0 comments
Please sign in to leave a comment.