XML-RPC is enabled by default since WordPress version 3.5. For various reasons, you may wish to disable it. You can easily disable XML-RPC by adding the following code to your theme’s functions.php file.
add_filter( 'xmlrpc_enabled', '__return_false' );
After adding the code, you can check if XML-RPC is successfully disabled using the WordPress XML-RPC Validation Service. Just insert your site address then click on the “Check” button there, and a check will be started against your site.