ianpegg · October 28, 2024 16:38
diff --git a/security.inc.php b/security.inc.php
 <?php
 /**
 * Plugin Name:     eggMUP: Security
 * Plugin URI:      https://gist.github.com/ianpegg/e60d026fe2b8f4b7236855818dd36ab6
 * Description:     Must-use plugin tools for improving site security.
 * Version:         1.0.1
 * Author:          Ian Pegg
 * Author URI:      https://eggcupwebdesign.com
 * php version 8.2.14
 * 
 * @category Must_Use_Plugin
 * @package  WordPress_Plugin
 * @author   Ian Pegg <[email protected]>
 * @license  GNU/GPLv3 https://www.gnu.org/licenses/gpl-3.0.txt
 * @link     https://eggcupwebdesign.com
 **/
 namespace EggCup\MUP\Security;

 if (!defined('ABSPATH')) {
    exit;
 }


 /**
 * Deactivates XMLRPC as it is deprecated in favour of WP-JSON:
 */
 add_filter('xmlrpc_enabled', '__return_false');


 /**
 * Stops WP from making life so easy for dumb scripts that want to 
 * find the login page:
 *
 * @link https://wordpress.stackexchange.com/questions/135021/how-to-turn-off-redirection-from-domain-com-login-to-domain-com-wp-login-php#answer-135035
 */
 add_action('template_redirect', function () {
    remove_action('template_redirect', 'wp_redirect_admin_locations', 1000);
 });


 /**
 * Removes all the unnecessary HTML tags that make it trivially easy
 * to fingerprint WP:
 * 
 * @return void
 */
 add_action('after_setup_theme', function () {
    add_filter('the_generator', '__return_false');
    remove_action('wp_head', 'rsd_link');
    remove_action('wp_head', 'wlwmanifest_link');
    remove_action('wp_head', 'adjacent_posts_rel_link_wp_head', 10);
    remove_action('wp_head', 'wp_generator');
    remove_action('wp_head', 'wp_shortlink_wp_head', 10);
    remove_action('wp_head', 'rest_output_link_wp_head', 10);
    remove_action('wp_head', 'wp_oembed_add_discovery_links');
    remove_action('wp_head', 'wp_oembed_add_host_js');
 });
	<?php
	/**
	* Plugin Name: eggMUP: Security
	* Plugin URI: https://gist.github.com/ianpegg/e60d026fe2b8f4b7236855818dd36ab6
	* Description: Must-use plugin tools for improving site security.
	* Version: 1.0.1
	* Author: Ian Pegg
	* Author URI: https://eggcupwebdesign.com
	* php version 8.2.14
	*
	* @category Must_Use_Plugin
	* @package WordPress_Plugin
	* @author Ian Pegg <[email protected]>
	* @license GNU/GPLv3 https://www.gnu.org/licenses/gpl-3.0.txt
	* @link https://eggcupwebdesign.com
	**/
	namespace EggCup\MUP\Security;

	if (!defined('ABSPATH')) {
	exit;
	}


	/**
	* Deactivates XMLRPC as it is deprecated in favour of WP-JSON:
	*/
	add_filter('xmlrpc_enabled', '__return_false');


	/**
	* Stops WP from making life so easy for dumb scripts that want to
	* find the login page:
	*
	* @link https://wordpress.stackexchange.com/questions/135021/how-to-turn-off-redirection-from-domain-com-login-to-domain-com-wp-login-php#answer-135035
	*/
	add_action('template_redirect', function () {
	remove_action('template_redirect', 'wp_redirect_admin_locations', 1000);
	});


	/**
	* Removes all the unnecessary HTML tags that make it trivially easy
	* to fingerprint WP:
	*
	* @return void
	*/
	add_action('after_setup_theme', function () {
	add_filter('the_generator', '__return_false');
	remove_action('wp_head', 'rsd_link');
	remove_action('wp_head', 'wlwmanifest_link');
	remove_action('wp_head', 'adjacent_posts_rel_link_wp_head', 10);
	remove_action('wp_head', 'wp_generator');
	remove_action('wp_head', 'wp_shortlink_wp_head', 10);
	remove_action('wp_head', 'rest_output_link_wp_head', 10);
	remove_action('wp_head', 'wp_oembed_add_discovery_links');
	remove_action('wp_head', 'wp_oembed_add_host_js');
	});