Deny xmlrpc.php file but don't log the failed requests

RewriteRule ^(xmlrpc\.php) - [F,L,NC]

Using the [F] flag causes the server to return a 403 Forbidden status code to the client.

The [L] flag causes mod_rewrite to stop processing the rule set.

Use of the [NC] flag causes the RewriteRule to be matched in a case-insensitive manner.

For more infos:

https://httpd.apache.org/docs/2.4/rewrite/flags.html

You probably know beter as I can see your over 19k reputation :)xmlrpc is false as default in wp and not recomended to open global.you should have something like this in.htaccess or in functions.php

add_filter('xmlrpc_enabled', '__return_false') rpc is disabled.

if not ? then add it to your functions.php it will solve your problem.if didnt solve then use a plugin

To deny from all its beter to do it with a plugin like instead manuel Manage XML-RPC.

İf you want to allow only for your self.Check if you dont have rpc false in your .htaccess and add the code below to enable only for your ip.

<Files xmlrpc.php>  order deny,allow  deny from all  allow from 10.123.456.000 //Replace with your ip</Files>

Or allow only from GET,PROPFIND,POST,OPTIONS,PUT,HEAD[403]

RewriteCond %{REQUEST_METHOD} !^(GET|HEAD|POST|PROPFIND|OPTIONS|PUT)$ [NC]RewriteRule .? - [F,NS,L]

if you want to allow rpc then go here and follow the steps:https://www.wikihow.com/Enable-XML-RPC-in-WordPress