I sometimes get ‘‘error establishing a database connection’’ with one of my wordpress sites.
After typing this: ‘‘grep xmlrpc /var/log/apache2/access.log’’ I got a similar output showing a XML-RPC attack and enabled block-xmlrpc.
My question is that is there any issue with enabling block-xmlrpc? Should I enable it on my other wordpress site as well?
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Hi there @rem3n,
The XMLRPC is used to allow remote updates to WordPress from other applications. If you are not using this functionality you can disable it I believe.
For example, you could add the following to your .htaccess file to prevent all access to that file:
# Block WordPress xmlrpc.php requests
<Files xmlrpc.php>
order deny,allow
deny from all
</Files>
# END protect xmlrpc.php
Hope that this helps! Regards, Bobby
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and AI-native businesses
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.