Our server is being hit with a lot of xmlrpc calls. So many that it brought our server down the other day. In researching, I have found the article http://blog.sucuri.net/2014/07/new-brute-force-attacks-exploiting-xmlrpc-in-wordpress.html and believe this is what is happening on our server. I would like to disable xmlrpc, but I want to be sure that we don't unintentionally disable desired functionality on our site.
I know that admin-ajax.php is being loaded on some of our pages (for a jquery lightbox slider and for an autocomplete search feature). If we disable xmlrpc - do you know if this will affect admin-ajax.php at all? Are there other admin functions that use xmlrpc that I should be aware of?
We are not using the WordPress API for any remote publishing or applications.