Simple Disable XML-RPC | Reduce Brute Force & DDOS Attacks
<strong>Modern Settings Page</strong> - Beautiful card-based interface with toggle switch
Simple Disable XML-RPC is a lightweight, powerful WordPress plugin that gives you complete control over your site’s XML-RPC functionality. Protect your WordPress site from brute force attacks, DDoS attempts, and other XML-RPC security vulnerabilities with just one click.
π Why Disable XML-RPC?
XML-RPC is a remote communication protocol that allows external applications to interact with your WordPress site. While useful for some services, it’s frequently exploited by attackers for:
- Brute Force Attacks – Automated password guessing attempts
- DDoS Attacks – Overwhelming your server with requests
- Resource Exhaustion – Slowing down your website
- Pingback Vulnerabilities – Exploiting pingback features
β¨ Key Features
- π― One-Click Control – Modern toggle switch interface (NEW in v1.4.0)
- π Enhanced Security – Block XML-RPC attacks instantly
- β‘ Improved Performance – Reduce server load and resource usage
- π¨ Beautiful Admin Interface – Clean, modern card-based design (NEW in v1.4.0)
- π Translation Ready – Fully internationalized and translation-ready
- π± Mobile Responsive – Settings page works perfectly on all devices
- π§Ή Clean Uninstall – Removes all data when uninstalled
- βοΈ Developer Friendly – Well-coded, follows WordPress standards
- π Regular Updates – Actively maintained and tested with latest WordPress versions
- π― Lightweight – No bloat, minimal impact on your site
π What’s New in Version 1.4.0
- β Modern toggle switch replaces old checkbox
- β Beautiful card-based admin interface
- β Enhanced security with proper sanitization
- β Better code organization (OOP approach)
- β Improved accessibility and UX
- β Removes X-Pingback header when disabled
- β Fixed activation redirect for bulk installations
- β Better mobile responsive design
π― Perfect For
- Security-focused website owners
- Sites that don’t use mobile apps or remote publishing
- Sites experiencing XML-RPC attacks
- Performance-conscious administrators
- Anyone wanting better control over WordPress features
π§ How It Works
This plugin uses the native WordPress xmlrpc_enabled filter to safely disable XML-RPC without modifying core files. Simply activate the plugin, toggle the switch on the settings page, and you’re protected!
β οΈ Important Note
Disabling XML-RPC may affect:
* WordPress mobile apps
* Jetpack (some features)
* Remote publishing tools
* Pingbacks and trackbacks
* Third-party services that rely on XML-RPC
Only disable XML-RPC if you don’t use these features.
π€ Contributing & Bug Reports
Bug reports and pull requests are welcome on GitHub. Help us make this plugin better!
π Support the Development
If you find this plugin helpful, please consider:
* β Rating it 5 stars
* π Reporting bugs
* π¬ Suggesting features
* β Buying us a coffee
Privacy Policy
Simple Disable XML-RPC does not:
- Collect any user data
- Store any personal information
- Make external API calls
- Use cookies or tracking
- Send data to third parties
The plugin only stores one setting in your WordPress database: whether XML-RPC is enabled or disabled.
Support
Need help? We’re here for you!
- π Documentation
- π¬ Support Forum
- π Report Bugs
- β Rate Plugin
Credits
Developed with β€οΈ by WordPress Satkhira Community
Contributors:
* wpdelower
* monarchwp23
Special thanks to all our users and contributors who help make this plugin better!