Secure your site's XML-RPC by removing some methods, while you can still use XML-RPC.
Secure your site’s XML-RPC by removing some methods, instead of disabling totally XML-RPC, which is needed by some plugins (eg. Jetpack) and some mobile apps.
Removes the following methods from XML-RPC interface.
This is not perfect, but it will help prerventing attacks
wp-content/plugins/
directory of your WordPress installation or install it directly from your dashboard and then activate the plugin from Plugins page.Yes, just activate it!
It depends on your security plugin. Some secure XML-RPC, some just allow you to enable or disable it, some can stop attacks as Stop XML-RPC Attacks does. So you may have to read your security plugin FAQ / doc.