My site is getting a lot of malicious traffic to domain.com/xmlrpc.php, to the point that the server is not being able to handle it.
I tried to disable it via the wp-config.php, by adding this line:
add_filter('xmlrpc_enabled', '__return_false');
And I also tried this plugin, but neither method seemed to have worked.
Now I am considering to completely remove the php file, but I would like to be sure I won’t destroy other things.
Does anyone know if it’s safe to remove that file?