Back to Step 4 | Skip to Step 6
Disabling XML-RPC
Log into your WordPress admin page again by going to www.mysite.com/wp-admin as normal
This time you’ll see a new window asking for your Protected login username and password. This is the new level of protection you just applied in Step 4: so just enter your new username and password to continue…
After you’ve logged with that new password, you’ll also need to log in with your original WordPress password too. Keep the two logins different from each other!
Once logged back into WordPress, hover over Plugins in the menu on the left, and then click Add New
Into the search box that you see, enter Disable XML-RPC Pingback. In the search results, click Install Now as below:
At the prompt “Are you sure you wish to install the plugin?” click Yes, and then click Activate plugin:
You’ve now completed the really important changes, so you could stop here if you really had to, but there are still a few more things you can tweak to make your website work faster and be yet more secure.