Wordfence: WordPress Website Security Plugin

Wordfence is a security central plug-in for WordPress. It is composed by a firewall, an antivirus and anti bruteforce tool to CMS. In the past people used different plug-ins limiting security problems and it was quite frequent to find incompatibility between these plug-ins and the others installed into WordPress.

Look more details on https://wordpress.org/plugins/wordfence/

Stop WordPress pingbacks

function diasble_pingbacks_for_all_the_posts(){
global $post;
global $wpdb;

remove_action(‘save_post’, ‘diasble_pingbacks_for_all_the_posts’ );
// update the post, which calls save_post again
$my_post = array(‘ID’=> $post->ID,’ping_status’ => ‘closed’);

wp_update_post($my_post);

// re-hook this function
add_action( ‘save_post’, ‘diasble_pingbacks_for_all_the_posts’);
}
add_filter(‘wp_headers’, function($headers, $wp_query){
if(isset($headers[‘X-Pingback’])){
// Drop X-Pingback
unset($headers[‘X-Pingback’]);
}
return $headers;
}, 11, 2);
// Disable XMLRPC by hijacking and blocking the option.
add_filter(‘pre_option_enable_xmlrpc’, function($state){
return ‘0’; // return $state; // To leave XMLRPC intact and drop just Pingback
});
// Remove rsd_link from filters ().
add_action(‘wp’, function(){
remove_action(‘wp_head’, ‘rsd_link’);
}, 9);
// Hijack pingback_url for get_bloginfo ().
add_filter(‘bloginfo_url’, function($output, $property){
return ($property == ‘pingback_url’) ? null : $output;
}, 11, 2);
// Just disable pingback.ping functionality while leaving XMLRPC intact?
add_action(‘xmlrpc_call’, function($method){
if($method != ‘pingback.ping’) return;
wp_die(
‘Pingback functionality is disabled on this Blog.’,
‘Pingback Disabled!’,
array(‘response’ => 403)
);
});