What is xmlrpc.php file in wordpress ?
Its the file who allow remote connection and transfer the data.you should disable it because it adds security vulnerabilities to your site. Many plugins used it for brute force attack on website or server.
How to disable xmlrpc.php via .htaccess
You can download the plugin also which disable it from your wordpress admin > plugin section.
If you wish to disable manully then copy the below code and paste it into .htaccess file. Its good solution to secure the website until you need this for publishing the website or jetpack plugin
# Block WordPress xmlrpc.php requests
order deny,allow
deny from all
allow from xxx.xxx.xxx.xxx
Block all occurrence of xmlrpc
You can do this via (WHM -> Service Configuration -> Apache Configuration -> Pre-Main Include -> All Versions) to block xmlrpc server-wide
just put this code and save, restart the Apache server.
RedirectMatch 301 /xmlrpc.php http://127.0.0.1/
