Disable XML-RPC Pingback的作者是Samuel Aguilera，目前有80,000+个有效安装。已经Tested with 5.3.3版本的wordpress。
Stops abuse of your site’s XML-RPC by simply removing some methods used by attackers. While you can use the rest of XML-RPC methods.
This is more friendly than disabling totally XML-RPC, that it’s needed by some plugins and apps (I.e. Mobile apps or some Jetpack’s modules).
Removes the following methods from XML-RPC interface.
X-Pingback from HTTP headers. This will hopefully stops some bots from trying to hit your xmlrpc.php file.
WordPress 3.8.1 or higher.