Stop xmlrpc.php attack on Cpanel Server

xmlrpc.php is part of wordpress. It is used for some API. This is used by hackers to bruteforce WordPress installations, that can cause high server load and slow server performance.

On cpanel server, to prevent xmlrpc.php attack go to

WHM > Service Configuration > Apache Configuration > Include Editor

click on “Pre Main Include”, then select your apache version.

On text box below, paste


  RedirectMatch 301 /xmlrpc.php http://127.0.0.1/

Click Update.

Prevent xmlrpc.php attack on Cpanel Server

All request to xmprpc.php will be blocked.

Need help with Linux Server or WordPress? We can help!

Leave a Reply

Your email address will not be published. Required fields are marked *