Yes. On WordPress.com sites, all communication (done over xmlrpc.php
) is by default using an encrypted connection via SSL.
For self-hosted WordPress sites with SSL enabled, WordPress 2.6.1 or later supports pointing the RSD information at the “https” version of xmlrpc.php
. This creates an encrypted communication link with the app.
To ensure encrypted communication with your self-hosted WordPress site, follow these steps:
- Enable SSL on your hosting server: Ensure that your hosting provider has SSL enabled for your site. You can check this by accessing your site via
https://yoursite.com
. - Update your WordPress settings:
- Log in to your WP Admin.
- Navigate to Settings → General.
- Update the WordPress Address (URL) and Site Address (URL) to use
https
.
- Verify the RSD information:
- The RSD information should automatically point to the “https” version of
xmlrpc.php
. You can verify this by viewing the source code of your site’s homepage and searching for thexmlrpc.php
link. Ensure it useshttps
.
- The RSD information should automatically point to the “https” version of
If you need more help with SSL you can contact the hosting provider.