Often at time, malicious traffic can be occur by accessing xmlrpc.php rapidly, creating high server load, or causing limits to be reached within the server. By configuring a .htaccess in the cPanel account to disable xmlrpc can provide better security.
1. Log into cPanel account
2. Click File Manager
3. Access into public_html (or your website's content 's document root)
4. Create a new file and name it as ".htaccess"
5. Paste the following code:
# Block WordPress xmlrpc.php requests <Files xmlrpc.php> order deny,allow deny from all allow from xxx.xxx.xxx.xxx </Files>
If you would like to retain XML-RPC from a particular IP, replace "xxx.xxx.xxx.xxx' with your IP address, otherwise, you can simply delete the line or comment it out.
6. Save and close the file