Blocking WordPress XMLRPC Access to All of Your WordPress Sites

Create the configuration file:

touch /etc/apache2/conf-available/block-wp-xmlrpc.conf

Fill it with the following contents:

<Directory /home/*/public_html/*/>
    <files xmlrpc.php>
      order allow,deny
      deny from all
    </files>
</Directory>

And then enable it:

a2enconf block-wp-xmlrpc.conf
service apache2 reload

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.