What Is the RSD Link in WordPress and Can You Remove It?

In your WordPress site’s source code, you’ll find this line in the :

<link rel="EditURI" type="application/rsd+xml" title="RSD" href="https://yoursite.com/xmlrpc.php?rsd" />

This is the RSD (Really Simple Discovery) link. It tells external editing applications where to find your site’s XML-RPC endpoint. It was designed for a world where people used desktop blogging clients like Windows Live Writer to publish WordPress posts remotely.

That world doesn’t exist anymore. But the link is still there, on every page, for every visitor.

What is RSD?

RSD stands for Really Simple Discovery. It’s an XML-based protocol that helps blogging clients automatically detect the APIs available on your site. When a desktop application wanted to connect to your blog, it would fetch the RSD document to discover which endpoints were available (XML-RPC, Atom Publishing Protocol, etc.).

The link points to xmlrpc.php?rsd, which returns an XML document listing your site’s available APIs. If you’ve already disabled XML-RPC (which you should have), this endpoint serves even less purpose.

Why should you care?

It advertises XML-RPC. The RSD link explicitly points to xmlrpc.php, confirming its existence and location. If you’ve taken steps to secure or disable XML-RPC, this link undermines that effort by advertising the endpoint.

Nobody uses it. Windows Live Writer was discontinued in 2017. Modern publishing tools use the REST API. Desktop blogging clients that relied on RSD are essentially extinct. You’re maintaining a link for software nobody runs.

It’s one more tag in an already cluttered . Every unnecessary tag adds bytes to every page response. Small, but cumulative across 44 similar cleanup items.

The quick fix

// Remove RSD link from head
remove_action( 'wp_head', 'rsd_link' );

One line. The tag disappears from your page source.

The one-click solution

OvKit includes Remove RSD Link under Features → Cleanup. One toggle.

What happens after you fix this?

• The EditURI link disappears from every page’s
• XML-RPC endpoint is no longer advertised to the public
• Cleaner HTML source — one step closer to a minimal

FAQ

### Is it safe to remove the RSD link?

Yes, completely safe. Unless you’re actively using a desktop blogging client that connects via XML-RPC (extremely unlikely in 2026), the RSD link serves no purpose. No modern WordPress feature depends on it.

### Should I remove this even if I haven’t disabled XML-RPC?

Removing the RSD link doesn’t disable XML-RPC — it just stops advertising it. You should do both: disable XML-RPC and remove the RSD link. But removing the link alone is still a minor improvement.

### Does this work with multisite?

Yes. The remove_action call works on both single-site and multisite WordPress installations.

---

Related reads:

• Windows Live Writer Manifest in WordPress — Safe to Remove?
• What Is XML-RPC in WordPress and Why You Should Disable It
• WordPress Shortlinks in Head: What They Are and How to Remove