WordPress XML-RPC Endpoint Validator

Tuesday, March 13, 2018


WordPress XML-RPC Endpoint Validator

https://xmlrpc.eritreo.it/

 https://codex.wordpress.org/XML-RPC_Support

 To disable the xmlrpc add the following code into the function.php of the theme

 add_filter('xmlrpc_enabled', '__return_false');
To enable the xmlrpc add the following code into the function.php of the theme

 add_filter('xmlrpc_enabled', '__return_true');
WordPress uses the XML-RPC remote publishing interface in order to provide a standardized way to transfer data between 3rd party clients, like mobile/desktop apps, and the core of the CMS. These 3rd party clients may ask for something like an XML-RPC (or API) endpoint, which will usually is your blog domain followed by “xmlrpc.php". So, for example, if your site was at daniloercoli.wordpress.com, your endpoint would be:
https://daniloercoli.wordpress.com/xmlrpc.php or https://daniloercoli.wordpress.com/xmlrpc.php
The Endpoint requires username/password, this is the same username and password that you use to login to WordPress, and it’s secure like the browser login.
Themes and Plugins can interact and change the behavior of the XML-RPC Endpoint, by adding new methods, or modifying the response document. There are actually a lot of plugins that interact with it in some way, but unfortunately, plugins and themes could break the XML-RPC endpoint,  or invalidate the XML response document. When I need to reply to a question about the EndPoint that’s not working on a self-hosted installation of WordPress I usually reply with the following words:
Did you try with the default theme and with no active plugins?
Trying it with the default theme and plugins disabled will help pin down where the problem is. If everything works then you go back and enable your theme and then try it again. If everything still works then you go back and activate each plugin one at a time until you find the one that is causing the breakage.

The Validator
Since my team and I usually spend a lot of time replying to questions on issues on the XML-RPC endpoint of WordPress sites, I’ve decided to write a web tool that can be used to easily test the Endpoint. This tool should speed up our work, and will give to users a simple way to test the endpoint of their sites. I wrote this tool in PHP (https://github.com/daniloercoli/WordPress-XML-RPC-Validator), by using WordPress as framework, and for simplicity in this first release it’s a plugin that adds a page to your site. That page embeds the XML-RPC validator. It does some XML-RPC calls to your blog, checks the response documents, and in case of errors gives back hints on how to fix the issue. At this moment it’s just an experiment, no fancy UI there, but I will probably improve it over the time. A live version of the validator is available here.  Please, contribute to the project 🙂

Leave a Reply

Subscribe to Posts | Subscribe to Comments

Labels

Powered by Blogger.

- Copyright © Bongvireak - Blogger Templates - Powered by Blogger - Designed by Johanes Djogan -