PHP 35
Wp security By micha on 28th October 2019 11:28:59 AM
  1. /*
  2. * DISABLE REST ENDPOINTS
  3. * need to be enabled for wordpress blocks to function
  4. */
  5.  
  6. /*
  7. add_filter( 'rest_endpoints', 'remove_default_endpoints' );
  8. function remove_default_endpoints( $endpoints ) {
  9. return array( );
  10. }
  11. */
  12.  
  13. // REST API - change default rest access route from wp-json
  14. function rest_url_prefix() {
  15. return 'api';
  16. }
  17. add_filter( 'rest_url_prefix', 'rest_url_prefix' );
  19. // REDIRECT AUTHORS
  20. function author_page_redirect() {
  21. if ( is_author() ) {
  22.   wp_redirect( home_url() );
  23. }
  24. }
  25. add_action( 'template_redirect', 'author_page_redirect' );
  27. // REMOVE XMLRPC
  28. add_filter( 'xmlrpc_enabled', '__return_false' );
  30. function remove_xmlrpc_pingback( $headers ) {
  31. unset( $headers['X-Pingback'] );
  32. return $headers;
  33. }
  34. add_filter( 'wp_headers', 'remove_xmlrpc_pingback' );
  35.  
  36.  
  37. /*
  38. * WP CONFIG
  39. * Block externals
  40. */
  41. define('WP_HTTP_BLOCK_EXTERNAL', true);
  42. define('WP_ACCESSIBLE_HOSTS', 'downloads.wordpress.org,wordpress.org');

Paste is for source code and general debugging text.

Login or Register to edit, delete and keep track of your pastes and more.

Recent Pastes

Elementor Sticky[...]

JS baseURL

ASCI Banner

Jump to anchor / go[...]

Phpstorm[...]

Wp user[...]

WP CPT Custom Icon[...]

WP get assigned[...]

Linux / Ubuntu[...]

SQL replace[...]

Raw Paste

Login or Register to edit or fork this paste. It's free.

Copyright © 2025 Paste. All rights reserved.
Powered by Paste