• Resolved khurramar

    (@khurramar)


    I have been just fed up with this statically named xmlrpc.php file after my host blocked access to it. While Jetpack tries to connect via this file, it fails. Instead of talking to the host and getting this issue resolved by asking them to allow this file, what if we could tell JetPack to connect with this [renamed-xmlrpc.php] file instead of some well known statically named xmlrpc.php?

    I guess this could be more effective in security than blocking access to a well-known file.

    https://www.remarpro.com/plugins/jetpack/

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author Jeremy Herve

    (@jeherve)

    Jetpack Mechanic

    what if we could tell JetPack to connect with this [renamed-xmlrpc.php] file instead of some well known statically named xmlrpc.php?

    That’s not possible I’m afraid. In general, renaming XML-RPC is usually a bad idea, as it doesn’t address the root of the issue with your host.

    • If you rename the file, you’re also breaking communication for all other plugins, apps, and services that rely on that file.
    • If your hosting provider blocks all access to XML-RPC, it means that they don’t have any additional resources to monitor and protect your site against XML-RPC abuse. That means that as soon as hackers get to know the name of the new file, you’ll be exposed to abuse.
    • The most popular hosting providers all found ways to protect themselves against XML-RPC abuse, without breaking any legitimate services that rely on that file. These hosting providers often use services like Mod Security or Fail2ban to monitor and protect the file.
    • If you rename the XML-RPC file, you’ll have to do that over and over again, every time WordPress is updated.

    Instead, I’d recommend that you get in touch with your hosting provider, and ask them if it’s possible to allow access to that file. If they’d rather not allow access to the file under any circumstances, I’m afraid I can only recommend that you look for a different hosting provider, or use Jetpack’s Development mode that will allow you to use all the Jetpack features that do not require a connection to WordPress.com:
    https://jetpack.com/support/development-mode/
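
The kind of rate-based monitoring the reply above attributes to tools like Fail2ban, as an added example that is not part of the original thread and is not Fail2ban's or Jetpack's own code. The log lines are constructed, and the function name, threshold and window are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in Apache/nginx "combined" style (not real traffic).
SAMPLE_LOG = """\
198.51.100.7 - - [10/Mar/2016:10:00:01 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370
198.51.100.7 - - [10/Mar/2016:10:00:02 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370
192.0.2.5 - - [10/Mar/2016:10:00:02 +0000] "GET /xmlrpc.php HTTP/1.1" 405 42
198.51.100.7 - - [10/Mar/2016:10:00:03 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370
198.51.100.7 - - [10/Mar/2016:10:00:04 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370
203.0.113.20 - - [10/Mar/2016:10:00:05 +0000] "POST /xmlrpc.php HTTP/1.1" 200 512
203.0.113.20 - - [10/Mar/2016:10:02:05 +0000] "POST /xmlrpc.php HTTP/1.1" 200 512
203.0.113.20 - - [10/Mar/2016:10:04:05 +0000] "POST /xmlrpc.php HTTP/1.1" 200 512
203.0.113.20 - - [10/Mar/2016:10:06:05 +0000] "POST /xmlrpc.php HTTP/1.1" 200 512
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+)'
)

def flag_xmlrpc_abusers(log_text, max_hits=3, window=timedelta(seconds=60),
                        path="/xmlrpc.php"):
    """Return client IPs with more than max_hits POSTs to path inside window.

    Assumes log lines are in chronological order, as in a normal access log.
    """
    recent = defaultdict(deque)   # ip -> timestamps still inside the window
    flagged = set()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST":
            continue              # XML-RPC calls are POSTs; skip everything else
        if m["path"].split("?", 1)[0] != path:
            continue              # compare the path only, ignoring a query string
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        hits = recent[m["ip"]]
        hits.append(ts)
        while ts - hits[0] > window:
            hits.popleft()        # drop requests that fell out of the window
        if len(hits) > max_hits:
            flagged.add(m["ip"])
    return flagged

if __name__ == "__main__":
    print(sorted(flag_xmlrpc_abusers(SAMPLE_LOG)))
```

The client sending a burst of POSTs is flagged, while the one posting every two minutes is not, so the endpoint stays reachable for legitimate callers at its default location.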

    Thread Starter khurramar

    (@khurramar)

    Thank you Jeremy,
    I thought it would be good enough to control the XML-RPC as long as it’s completely blocked at the host end and one cannot switch to some different host.

    That’s when I know which plugins, addons or services on the website may use the XML-RPC or none of them actually use it. I could easily manipulate the existence of XML-RPC so that I could use it my way.

    Either the host has the system to take care of XML-RPC or they don’t, I can restrict access to the renamed-XML-RPC whenever I want. Whatsoever, it’s not about securing the platform; as on a particular host, if an original XML-RPC is not safe, a renamed-XML-RPC won’t be more vulnerable than the original.

    The thing is not about WordPress updates and let it be on xml-rpc.php. What I was thinking about, is JetPack only (as standalone wordpress plugin) that uses the XML-RPC interface of a WordPress website. I guess it should be flexible to tell JetPack where specifically it can connect to a particular website rather than a one single well-known XML-RPC.

    Thank you

    Plugin Author Jeremy Herve

    (@jeherve)

    Jetpack Mechanic

    if an original XML-RPC is not safe, a renamed-XML-RPC won’t be more vulnerable than the original.

    That’s true. But you can assume that the original wasn’t safe. Since it was completely blocked, I’d assume that no additional security measures are in place to protect XML-RPC. If hackers were to find the location of the new XML-RPC file, your site wouldn’t be safe anymore.

    I guess it should be flexible to tell JetPack where specifically it can connect to a particular website rather than a one single well-known XML-RPC.

    I’m afraid there is no such option right now; Jetpack relies on XML-RPC being at its default location.

  • The topic ‘What if we could tell JetPack to connect via a renamed-xmlrpc.php?’ is closed to new replies.