XMLRPC Lockdown by AO Digital


XMLRPC Lockdown by AO Digital is an advanced version of the XMLRPC Lockdown plugin for WordPress. This plugin blocks access to xmlrpc.php for all requests except those from allowed services like Jetpack, the WordPress mobile application, and other specified services. It is designed to enhance your site’s security against xmlrpc attacks while maintaining functionality for essential tools.

With this updated version, users can also customize the list of allowed services via an optional settings page in the WordPress admin, making the plugin more versatile and adaptable to different needs.


For assistance with XMLRPC Lockdown Enhanced, or if you have questions or issues, please contact us at support@aodigital.com.au.


To install XMLRPC Lockdown, please follow these steps:

  1. Download the latest version of the plugin ZIP file from the WordPress plugin repository.
  2. Extract the ZIP file to your computer.
  3. Upload the entire xmlrpc-lockdown folder to the wp-content/plugins/ directory of your WordPress site.
  4. Log in to your WordPress dashboard and navigate to the “Plugins” page.
  5. Locate the XMLRPC Lockdown Enhanced plugin in the list and click “Activate”.

Once activated, the plugin will automatically start protecting your xmlrpc.php file. If you opt to use the settings page, you can navigate to Settings > XMLRPC Lockdown to customize the list of allowed services.


Read all 1 review

Contributors & Developers

“XMLRPC Lockdown by AO Digital” is open source software. The following people have contributed to this plugin.