Disable XML-RPC & Anonymous REST API
Disable All Processing Of Unauthenticated REST API And XML-RPC Requests
Disabling requests to the REST API that aren't authenticated (i.e. username/password) eliminates abuse of the API. Disabling XML-RPC eliminates possible credential stuffing attacks and any XML-RPC attack vectors.
Brute Force Protection features prevent many different forms of attack on a site, including credential stuffing, Dictionary (Password) Attacks, Reverse Brute Force Attack, DoS attacks,View Category
Features here are stand-alone security components designed to lockdown your WordPress and reduce your surface area for attack.View Category