If you do not need this feature in WordPress disable XML-RPC. The xmlrpc.php file in WordPress allows users to perform remote actions with their website.XML-RPC DDoS and another XML-RPC attack such as brute force take advantage of this feature. WordPress Disable XML-RPC Instructions Install A WordPress Security Plugin The easiest was to disable the XML-RPC… Continue Reading »
XML-RPC is a remote procedure call protocol (RPC) that uses the Extensible Markup Language (XML) developer by Dave Winer in 1998. WordPress XML-RPC provides you the ability perform remote actions on your website such as make updates from your smarthphone app, use trackbacks and pingbacks, and use certain features of Jetpack.
WordPress added the XML-RPC support in version 2.6 and made it enabled by default in version 3.5. Unfortunately, XML-RPC makes WordPress more vulnerable and it is recommended to disable XML-RPC if it is not needed.