Disable XML-RPC
Completely disable XML-RPC functionality.
- Protects your site from brute-force and DDoS attacks targeting XML-RPC.
- Recommended if you don’t use apps or services that require XML-RPC.
Disable WordPress REST API
Prevent public access to the WordPress REST API.
- Increases security by blocking unauthorized requests.
- Useful if your site doesn’t rely on REST API endpoints.
Disable Automatic Updates
Turn off all WordPress core updates.
- Grants full control over when and how updates are applied.
- Recommended for managed environments where updates are handled manually.
Disable Automatic Updates Emails
Stop email notifications triggered by automatic updates.
- Keeps inboxes clean.
- Best paired with custom update management.
Disable Emojis
Prevent WordPress from loading emoji scripts and styles.
- Reduces page size and HTTP requests.
- Improves performance if you don’t need emoji support.
Disable WordPress Shortlink
Remove the WordPress shortlink meta tag from the site’s <head>
.
- Cleans up unnecessary metadata.
- Small performance and SEO improvement.
Change Number of Post Revisions
Limit the number of stored revisions per post.
- Helps reduce database size.
- Specify the maximum number of revisions to keep.