Do you want to protect your site from hacker attacks? A great method is to remove the RSD link from the header. Let’s look at working methods.
This is an API protocol that is needed to remotely manage a WordPress site. For this, blog clients and web services are used.
In the engine code it looks like this:
<link rel="EditURI" type="application/rsd+xml" title="RSD" href="https://site.com/xmlrpc.php?rsd" />
This is the link that WP puts in the <head> section by default.
If you use the admin part to manage the site and publish materials, then it makes sense to disable this protocol. And that’s why.
Also see: How to Add Code to the WordPress Body
This link opens external connections for your resource. And this is a security vulnerability. Attackers can use this to gain full access and control.
How to remove RSD
Let’s look at a few simple options.
Clearfy Pro Plugin
If you have this module installed, then it will easily cope with the task.
- In the admin panel, open the Clearfy Pro section.
- Click on the Code tab.
- Activate Remove RSD link.
- Save your changes.
WP Header & Meta Plugin Tags
This is a separate solution that removes redundant code from the site header.
Download the extension from the free WordPress directory and activate it. Go to Settings > Header & Meta Tags, check the Remove All RSD Links Meta option, and click Save All Settings.
PHP code in functions.php
Find this file in your active theme directory and paste one line at the very end
remove_action( 'wp_head', 'rsd_link' );
Save the file.