There are plugins for that: e.g. http://wordpress.org/plugins/disable-xml-rpc/
You can also write a filter yourself
add_filter('xmlrpc_enabled', '__return_false');
You can simply add this code your theme functions.php (located in wp-content/themes/your_theme).
However, you are advised to create a child theme (http://codex.wordpress.org/Theme_Development) so that your modification does not disappear when you update the theme.
Alternatively, you can create your plugin (http://codex.wordpress.org/Writing_a_Plugin) where you will put all your WordPress tweaking.
I also add the following for a better protection:
/**
* Secure WordPress by removing version
*/
remove_action('wp_head', 'wp_generator');
/**
* Secure WordPress by hiding login errors
*/
function hide_login_errors($errors) { return 'login error'; }
add_filter('login_errors', 'hide_login_errors', 10, 1);
Related Posts:
- WordPress as XML-RPC client?
- How to enable wpautop for XMLRPC content
- Extending xml rpc – best practice
- How do I know if my site is using the xmlrpc.php file?
- XML-RPC: Add category to post data
- How Enable XML-RPC in WP 4.8.2
- XMLRPC and Underscored custom fields
- Creating post content from external web scraper via JSON or RPC
- wp.getUsers XML-RPC method is returning only 50 users, how can i get all the users
- xmlrpc.php Returning 405 Response Code
- Simply deleting XMLRPC file
- Storing an XML Response (Transient)?
- Problem with Create Post using metaWeblog.newPost or wp_insert_post
- Is it possible to change a blog’s theme through XML-RPC command? (and if so how?)
- How pull wordpress blog data using Blogger API using python
- Create a new post in wordpress with XML-RPC with the correct GUID?
- Working code example of PHP XML-RPC connex to site?
- Automated posting to wordpress from commandline or XMLRPC API on Dreamhost
- Posting via HTTP requests?
- Why is minimum_args protected?
- Multiple new posts using XML-RPC?
- Is it possible write, publish and edit posts with WordPress from console aka terminal?
- How to enable xmlrpc in WordPress 5?
- modify post meta data remotely without xmlrpc
- XMLRPC newPost post_content issue
- Can XMLRPC set show_on_front/page_on_front?
- Send an extra parameter with xml-rpc login?
- Is there any image size limit for wordpress xml-rpc?
- XML-RPC and $wpdb
- XMLRPC won’t connect?
- wp.setOptions of the XML-RPC API does not appear to work
- How to list updates using WordPress XML-RPC methods
- Is XML-RPC still a security risk?
- Get Post meta via XML-RPC using wp.getPost
- How to process shortcodes in XML-RPC
- “XML-RPC server accepts POST requests only” error message
- New post created with XML-RPC works fine but fails to assign category
- Tagging posts to custom taxonomies using XMLRPC in R
- Getting all posts from an XMLRPC request [duplicate]
- not well-formed (invalid token) at line 15, column 51, byte 720 when trying to parse XMLRPC call
- XML-RPC aplication blocked by the hosting
- Weblog clients cannot retrieve posts: An invalid hexadecimal character (0x7) was found in the element content of the document
- Using XML RPC to import data into WordPress
- Page content sent from XML RPC is corrupted
- metaWeblog.getRecentPosts is returning nothing in my iphone app
- tag is ignored when using xml-rpc
- How to read newpost return post ID value as integer for xmlrpc
- Enabling XML-RPC Accross 500 blogs
- Retrieve username and password from XMLRPC request
- WordPress site hacked. Has .htaccess been hacked?
- How to validate XML-RPC post creation and cancel when needed?
- Is there a way to get protected meta fields through any of the available built-in WordPress APIs? (xmlrpc, wp-json)
- xmlrpc_enabled filter not called
- Disable links in header (feeds and such)
- How to get all posts (in chunks) via XML-RPC?
- get total number of images from media using xml-rpc
- How can I find security hole in my wordpress site?
- How do i disable/disallow and tags in TinyMCE?
- wordpress inserting posts programatically through a url
- Hacked WordPress website, as notified by Google Search Console, what to do? [closed]
- Is it possible to post with Word 2007 via XML-RPC and limit categories by user?
- Block only external access to wp-cron.php on OpenLiteSpeed
- Unfamiliar query string in Google Search Console URL not found
- wp-config.php modified?
- WordPress can’t find IXR_Client
- How to prevent wp-login brute force attack from thousand of different IP? [duplicate]
- Files automatically added
- XML-RPC and post_date
- How To Clean The Malware Infected & Hacked WordPress Websites? [duplicate]
- getting casino links on my woocommerce site [closed]
- Getting trackpacks/pingbacks for a post via wordpress?
- wp-admin folder removed by hacker [closed]
- How do I programmatically create new posts of a custom post type over the XML-RPC API?
- How to edit feature image with XML RPC?
- How to fight this wp-info.php exploit? [closed]
- What can I do when an outside party hacks into my weblog and changes my display name?
- Server hacked: correct contents of wp-uploads directory? [closed]
- Website show Google Ads when we have no Google Ads linked to our website
- How do I disable XML-RPC in WordPress Multisite?
- How To Post WordPress Custom Post Types to Twitter via IFTTT
- Spam pages hack? [closed]
- Cannot save underscore custom fields in one wordpress installation using xmlrpc and underscores
- Can’t access htaccess [closed]
- Site blocked by WebSense on fresh WP Install
- WordPress disable direct access of files in WordPress installation path
- Is this a hack? WordPress Usernames of every website we have changed into one single name automatically?
- Avoid duplicate posts with xml rpc
- Should I prevent access to .htaccess and wp-config.php files?
- how can i find malware code and remove from wordpress site to stop it redirecting to hackers click view pages
- Have I been hacked – getting new site setup email for 8 localhost wordpress sites
- Replacing nav-menus.php file with standard clean one?
- looking for indoxploit hack solution [closed]
- Some code is added automatically to my site’s header – what is it?
- Hacked site using transient API?
- How can hackers access WP usernames? [duplicate]
- XML RPC -> Create User
- Custom category for posts via XMLRPC
- WordPress installer attack
- Clean/filter HTML inserted to post content by XML RPC
- Is my WP site being hacked?