Title: Disable xmlrpc.php Last modified: August 16, 2023 --- # Disable xmlrpc.php * Resolved [Foliferous](https://wordpress.org/support/users/revs/) * (@revs) * [2 years, 9 months ago](https://wordpress.org/support/topic/disable-xmlrpc-php/) * Hello, * our site was victim of a brute force attack (and I believe other attacks). I was told by our provider to disable xmlrpc.php, amongst other suggestions. * I see that WordFence, in “Logic security settings”, has this checkbox called “** Disable XML-RPC authentication**“. * I just wanted to ask if this does the same as disabling xmlrpc.php in .htaccess, e.g. through a piece of code like: * ```wp-block-code Require all denied ``` * Thank you! Viewing 2 replies - 1 through 2 (of 2 total) * Plugin Support [wfphil](https://wordpress.org/support/users/wfphil/) * (@wfphil) * [2 years, 9 months ago](https://wordpress.org/support/topic/disable-xmlrpc-php/#post-16976702) * Hi [@revs](https://wordpress.org/support/users/revs/) * Our option for disabling login attempts via the XML-RPC interface is done via PHP and not via a .htaccess file. * Thread Starter [Foliferous](https://wordpress.org/support/users/revs/) * (@revs) * [2 years, 9 months ago](https://wordpress.org/support/topic/disable-xmlrpc-php/#post-16976726) * Thanks [@wfphil](https://wordpress.org/support/users/wfphil/)! * Okay, that’s good to know. But it’s the same thing, right? I’m not expert and was just told by my hosting provider to disable xmlrpc.php. * Since our site was hacked and I had no access to the WP admin panel, I wanted to do it via .htaccess. * The brute force attack has ended now, so I can access the admin panel again. * Since Wordfence already disables xmlrpc.php, there’s no need to disable it manually through .htaccess, right? I suppose it’s the same thing? * Thank you once more 🙂 Viewing 2 replies - 1 through 2 (of 2 total) The topic ‘Disable xmlrpc.php’ is closed to new replies. * ![](https://ps.w.org/wordfence/assets/icon.svg?rev=2070865) * [Wordfence Security - Firewall, Malware Scan, and Login Security](https://wordpress.org/plugins/wordfence/) * [Frequently Asked Questions](https://wordpress.org/plugins/wordfence/#faq) * [Support Threads](https://wordpress.org/support/plugin/wordfence/) * [Active Topics](https://wordpress.org/support/plugin/wordfence/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/wordfence/unresolved/) * [Reviews](https://wordpress.org/support/plugin/wordfence/reviews/) ## Tags * [htaccess](https://wordpress.org/support/topic-tag/htaccess/) * [xmlrpc.php](https://wordpress.org/support/topic-tag/xmlrpc-php/) * 2 replies * 2 participants * Last reply from: [Foliferous](https://wordpress.org/support/users/revs/) * Last activity: [2 years, 9 months ago](https://wordpress.org/support/topic/disable-xmlrpc-php/#post-16976726) * Status: resolved