Blocking Wordpress xmlrpc Attacks on Cpanel
Finally, a way to block those pesky WordPress DoS attacks on cPanel
A very common DOS attack on a cPanel server is against the WordPress API scripts, chiefly xmlrpc.php and wp-login.php.
If you have been subjected to this kind of attack in the past, and have attempted to prevent reoccurrence, you will likely know that the oft-quoted .htaccess solutions, such as:
<Files xmlrpc.php> order deny,allow deny from all </Files> Have limited success in mitigating this kind of attack.