This is caused by a system policy which by default rejects access to xmlrpc.php. This path is very common in the use of a multitude of attacks on Wordpress sites and is not commonly actually needed for the correct functioning of a site.

By default it is blocked on all our cPanel hosting platforms to mitigate the attack vector of old Wordpress sites which have still not been updated.

We're terribly sorry if this causes any inconvenience, but there is a solution below.