Essential Classy Addons For Elementor

Limited Time Offer, Flat 40% off on xmas23 Code.
XML-RPC for WordPress was designed to enable remote connections between your site and external applications.


There are security risks associated with leaving XML-RPC enabled. 
These can include: Brute Force Attacks and DDoS Attack

There are two ways.

1. Custom code in function.php

add_filter('xmlrpc_enabled', '__return_false');
add_filter('wp_headers', 'removeXPingback');
add_filter('pings_open', '__return_false', 9999);
function removeXPingback($headers) {
	unset($headers['X-Pingback'], $headers['x-pingback']);
	return $headers;

2. .htaccess

# Block WordPress xmlrpc.php requests

order deny,allow
deny from all
allow from

You can replace with an IP address you wish to give access to xmlrpc.php. If you wish to remove access completely, you can simply remove this line.

3. Using EC Addons