‘XML-RPC methods missing on the server’ when trying to log in WordPress App

  • Hi

    I have two domains hosted by one host (A2 hosting). I want to manage my websites using WordPress app but it keeps showing that ‘XML-RPC methods missing on the server’ when using either of the site address to log in. To be hnost. I am not quite sure what the ‘XML-RPC’ is. After researching the articles related the similar issue in this forum, I tried de-activating all the plugins, reinstalling WordPress as well as contacting A2 Hosting (host) but to no avail. The host told me they tested the access through web browsers and found no issues so they believe that it is the third party issue. In other ward, they meant the WP app. I tried another app, Jetpack as well. Unfortunately, it is still the same result. Does anyone have better ideas on that? Thank you

Viewing 5 replies - 1 through 5 (of 5 total)
  • Moderator James Huff

    (@macmanx)

    What’s the URL of your site?

    Thread Starter thebushwalker

    (@thebushwalker)

    Hi James,

    My two sites,

    laowang.au

    thebushwalker.com

    Moderator James Huff

    (@macmanx)

    While your sites are publicly accessible, neither the apps nor Jetpack can access your sites’ XML-RPC files: https://laowang.au/xmlrpc.php and https://thebushwalker.com/xmlrpc.php

    This files are used by the apps, Jetpack, and other plugins and services to connect to your site. It must return the following message: XML-RPC server accepts POST requests only.

    You can see a working example here: https://www.ads-software.com/xmlrpc.php

    Since your sites return a 404 error for this page, I would recommend that you check the following:

    1) Can you see the /xmlrpc.php file at the root of your WordPress installation when accessing your site via FTP? If you don’t, then please try re-installing WordPress. You can do this by going to the Dashboard -> Upgrades page, then click the “Reinstall WordPress” button.

    2) Do you use any security plugins that may block access to this file? If so, could you try to disable them? You might also want to check your site’s .htaccess file for any rules that might be blocking access to the xmlrpc.php file.

    3) Does your hosting provider block access to this file? If you don’t find any plugin that may block access to the file on your site, I would recommend that you get in touch with your host. Our recommended hosts do not block XML-RPC: https://www.ads-software.com/hosting/

    Why does the Jetpack app still use XMLRPC? I understand backwards compatibility but shouldn’t it priritise RestAPI if XMLRPC is switched off? By forcing XMLRPC, you are opening up the wordpress installation to vulnerabilities.

    Moderator James Huff

    (@macmanx)

    XML-RPC is no more insecure than your password, and there are far more efficient and less obstructive ways to secure your site.

    Blocking XML-RPC is not an excellent solution for fighting security risks. Instead, it’s akin to selling your car because you don’t want it to be stolen.

    Your site’s XML-RPC file is like a communication gateway to your site. The WordPress Mobile Apps and several plugins and services will use that file to communicate with your site. If it’s blocked, different issues will pop up down the road for the same reasons.

    Our recommended hosting providers have also found other ways to protect their servers without hindering your site and your ability to use apps and connected plugins/services with your WordPress site.

Viewing 5 replies - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.

Tags