The xmlrpc.php file in WordPress is a common attack point, as it's the API for WordPress that allows for remote management such as creating/editing posts, etc.
As a result of this being a common attack point, we disable it by default on our servers to protect your sites from abuse.
If you wish to enable xmlrpc.php, then please install a plugin such as
Rename XMLRPC from the WordPress directory to rename the xmlrpc.php file to something else and re-enable access to it.
