Simple Disable XML-RPC | Reduce Brute Force & DDOS Attacks

Description

Simple Disable XML-RPC is a lightweight, powerful WordPress plugin that gives you complete control over your site’s XML-RPC functionality. Protect your WordPress site from brute force attacks, DDoS attempts, and other XML-RPC security vulnerabilities with just one click.

🔒 Why Disable XML-RPC?

XML-RPC is a remote communication protocol that allows external applications to interact with your WordPress site. While useful for some services, it’s frequently exploited by attackers for:

• Brute Force Attacks – Automated password guessing attempts
• DDoS Attacks – Overwhelming your server with requests
• Resource Exhaustion – Slowing down your website
• Pingback Vulnerabilities – Exploiting pingback features

✨ Key Features

• 🎯 One-Click Control – Modern toggle switch interface (NEW in v1.4.0)
• 🔐 Enhanced Security – Block XML-RPC attacks instantly
• ⚡ Improved Performance – Reduce server load and resource usage
• 🎨 Beautiful Admin Interface – Clean, modern card-based design (NEW in v1.4.0)
• 🌐 Translation Ready – Fully internationalized and translation-ready
• 📱 Mobile Responsive – Settings page works perfectly on all devices
• 🧹 Clean Uninstall – Removes all data when uninstalled
• ⚙️ Developer Friendly – Well-coded, follows WordPress standards
• 🔄 Regular Updates – Actively maintained and tested with latest WordPress versions
• 💯 Lightweight – No bloat, minimal impact on your site

🆕 What’s New in Version 1.4.0

• ✅ Modern toggle switch replaces old checkbox
• ✅ Beautiful card-based admin interface
• ✅ Enhanced security with proper sanitization
• ✅ Better code organization (OOP approach)
• ✅ Improved accessibility and UX
• ✅ Removes X-Pingback header when disabled
• ✅ Fixed activation redirect for bulk installations
• ✅ Better mobile responsive design

🎯 Perfect For

• Security-focused website owners
• Sites that don’t use mobile apps or remote publishing
• Sites experiencing XML-RPC attacks
• Performance-conscious administrators
• Anyone wanting better control over WordPress features

🔧 How It Works

This plugin uses the native WordPress xmlrpc_enabled filter to safely disable XML-RPC without modifying core files. Simply activate the plugin, toggle the switch on the settings page, and you’re protected!

⚠️ Important Note

Disabling XML-RPC may affect:
* WordPress mobile apps
* Jetpack (some features)
* Remote publishing tools
* Pingbacks and trackbacks
* Third-party services that rely on XML-RPC

Only disable XML-RPC if you don’t use these features.

🤝 Contributing & Bug Reports

Bug reports and pull requests are welcome on GitHub. Help us make this plugin better!

💝 Support the Development

If you find this plugin helpful, please consider:
* ⭐ Rating it 5 stars
* 🐛 Reporting bugs
* 💬 Suggesting features
* ☕ Buying us a coffee

Privacy Policy

Simple Disable XML-RPC does not:

• Collect any user data
• Store any personal information
• Make external API calls
• Use cookies or tracking
• Send data to third parties

The plugin only stores one setting in your WordPress database: whether XML-RPC is enabled or disabled.

Support

Need help? We’re here for you!

• 📖 Documentation
• 💬 Support Forum
• 🐛 Report Bugs
• ⭐ Rate Plugin

Credits

Developed with ❤️ by WordPress Satkhira Community

Contributors:
* wpdelower
* monarchwp23

Special thanks to all our users and contributors who help make this plugin better!