Update! Since Hide My WP Ghost 5 we added the IP filter in XML-RPC to let apps like Zapier and Aliexpress to access the website xml-rpx.php and block the hackers.
Everybody knows that Zapier is a great tool when you need to create automated tasks on your WordPress site or to trigger an action when you create new posts or pages
We recently tested Zapier to create new posts in WordPress while Hide My WP Ghost plugin is activated.
We noticed that Zapier needs the xml-rpc.php file access to work properly and we switched off the option Hide My WP > Change Paths > API Security > Disable XML-RPC access. With this option off we were able to create and promote our posts on Social Media.
Having this option OFF it’s not safe for your website. Many brute force attacks are made through this URL. Sometimes you need to make compromises in order to prevent functionality issues.