Filters whether XML-RPC methods requiring authentication are enabled.
Description
Contrary to the way it’s named, this filter does not control whether XML-RPC is fully enabled, rather, it only controls whether XML-RPC methods requiring authentication – such as for publishing purposes – are enabled.
Further, the filter does not control whether pingbacks or other custom endpoints that don’t require authentication are enabled. This behavior is expected, and due to how parity was matched with the enable_xmlrpc
UI option the filter replaced when it was introduced in 3.5.
To disable XML-RPC methods that require authentication, use:
add_filter( 'xmlrpc_enabled', '__return_false' );
For more granular control over all XML-RPC methods and requests, see the ‘xmlrpc_methods’ and ‘xmlrpc_element_limit’ hooks.
Parameters
$is_enabled
bool- Whether XML-RPC is enabled. Default true.
Source
$this->is_enabled = apply_filters( 'xmlrpc_enabled', $is_enabled );
Changelog
Version | Description |
---|---|
3.5.0 | Introduced. |
The last link above, “https://developer.wordpress.org/reference/hooks/xmlrpc_element_limit”, is broken.