Sometimes, we need to connect with our WordPress remotely or programmatically, for which WordPress comes with an excellent APIs. xmlrpc is very useful for the purpose of remote connectivity to the WordPress blog and can perform almost all the basic functions of WordPress. However, xmlrpc, provided by WordPress, has mostly been in limelight because of security concerns. xmlrpc can be leveraged and is prone to brute-force attacks, which makes it insecure to use it remotely. xmlrpc was enabled by default in earlier versions of WordPress, however, nowadays, it seems to be not activated by default.
One of the best and secure practice to remotely connect to WordPress with xmlrpc is by using the Manage XML-RPC plugin. One of the best features provided by this plugin is IP blocking. Manage XML-RPC allows you to grant remote access using xmlrpc to specific IP addresses or even block remote access to specific/all IPs. Below is the detailed guide on installing Manage XML-RPC plugin on your WordPress installation and configuring it.
Installing Manage XML-RPC plugin
Login to your WordPress admin panel. Click on Plugin in the left-hand side pallet and then click on Add New button.
Search for Manage XML-RPC and select the one as shown. Proceed to install the plugin.
Configure Manage XML-RPC plugin
- Click on XML-RPC Settings menu that appears at the bottom of the left-hand menu of your WordPress dashboard.
- Allow access to specific IPs or block specific IPs as shown below and save your changes.
Once you have saved the changes, you are all set up to use XML-RPC.
You can check the below link to refer to a sample code to connect remotely to WordPress using a Python script. The code is built with Python 2.7 using Python’s library – xmlrpclib.