XML-RPC allows you to post on your WordPress blog using popular weblog clients like Windows Live Writer. It is also needed if you are using the WordPress mobile app. It is also needed if you want to make connections to services like IFTTT.
Disable WordPress XML-RPC with .htaccess
# Block WordPress xmlrpc.php requests order deny,allow deny from all allow from 126.96.36.199
Create a blank file in a text editor. Call it .htaccess and paste the following code in there:
<Files *.php> deny from all </Files>
Now upload this file in these folders
Code Explanation: This code checks for any PHP file and denies access to it.
3. Disable File Editing
You can easily do this by adding the following code in your wp-config.php file.
// Disallow file edit define( 'DISALLOW_FILE_EDIT', true );
4. Limit Login Attempts
5. Disable Directory Indexing and Browsing
locate the .htaccess file in your website’s root directory. After that, you need to add the following line at the end of the .htaccess file: