Update to this article: On most of our servers we now block XML-RPC access by default so there is no need to install an XML-RPC blocker if you are hosted with computerjazz.net

Please contact us if you have a use case where you need to enable XML-RPC for your WordPress website.

XML-RPC

All WordPress installations have a function called XML-RPC enabled by default.

This is generally used for PingBacks but can also be used to post articles remotely.

The Problem

The only problem is that bots love this thing and will hammer it night and day for use in DDos like attacks.

This also chews up heaps of bandwidth.

The Solution
If you are running WordPress add a plugin that disables XML-RPC.

Go Plugins - Add new - Search for Disable XML-RPC and install the most popular and latest updated plugin. You can google to find out which is the most effective plugin however the one calleed "Disable XML-RPC" is pretty good at the time of writing.

Activate the plugin and forget about it.