If you follow these instructions it will add a rewrite rule into all user VHost files to block access to xmlrpc.
Code:
cd /usr/local/directadmin/data/templates/custom/
touch cust_openlitespeed.CUSTOM.5.pre
chown diradmin:diradmin cust_openlitespeed.CUSTOM.5.pre
nano /usr/local/directadmin/data/templates/custom/cust_openlitespeed.CUSTOM.5.pre
Then inside the CUSTOM.5.pre file you can paste the following RewriteRule.
Code:
RewriteCond %{REQUEST_URI} ^(.*)?xmlrpc\.php(.*)$ [OR]
RewriteRule ^(.*)$ - [F,L,NC]
If you wanted to take this a bit further and block access to more files system wide and apply to each VHost you can add as many filenames to list as you want.
Code:
RewriteCond %{REQUEST_URI} ^(.*)?readme\.html(.*)$ [OR]
RewriteCond %{REQUEST_URI} ^(.*)?readme\.txt(.*)$ [OR]
RewriteCond %{REQUEST_URI} ^(.*)?xmlrpc\.php(.*)$ [OR]
RewriteCond %{REQUEST_URI} ^(.*)?wp-trackback\.php(.*)$ [OR]
RewriteCond %{REQUEST_URI} ^(.*)?license\.txt(.*)$ [OR]
RewriteCond %{REQUEST_URI} ^(.*)?wp-config\.php(.*)$
RewriteRule ^(.*)$ - [F,L,NC]