Can I delete xmlrpc.php in WordPress 3.5 ? | WordPress.org

dailyblogtips
(@dailyblogtips)

10 years, 8 months ago

My site (running WP 3.5.2) is getting a lot of malicious traffic to domain.com/xmlrpc.php, to the point that the server is not being able to handle it.

I tried to disable it via the wp-config.php and with a plugin, but it didn’t solve the problem.

Now I am considering to completely remove the php file, but I would like to be sure I won’t destroy other things.

Does anyone know if it’s safe to remove that file?

Viewing 4 replies - 1 through 4 (of 4 total)

John Parris
(@mindctrl)

10 years, 8 months ago
If you have access to your .htaccess file, try blocking access to the xmlrpc file instead of removing it. Note, this will break any apps that use it, like the WP mobile app I believe.
```
<Files xmlrpc.php>
  Satisfy any
  Order allow,deny
  Deny from all
</Files>
```
Thread Starter dailyblogtips
(@dailyblogtips)

10 years, 8 months ago

That might be a solution. I’ll test it out, thanks.

John Parris
(@mindctrl)

10 years, 8 months ago

Cool, let us know how it goes. If it fixes your issue, can you mark this thread resolved?

Thread Starter dailyblogtips
(@dailyblogtips)

10 years, 8 months ago

Sure if it solves the problem I’ll mark the thread as resolved. Still testing it out though.

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘Can I delete xmlrpc.php in WordPress 3.5 ?’ is closed to new replies.

In: Fixing WordPress
4 replies
2 participants
Last reply from: dailyblogtips
Last activity: 10 years, 8 months ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics