Rewrite – XML RPC

XML-RPC is a remote procedure call (RPC) protocol that encodes its calls in XML and uses HTTP as the transport.
A client sends an HTTP POST to a server implementing the protocol, naming a single method of the remote system. The call can carry several input parameters and returns exactly one value. In WordPress the server side is the xmlrpc.php endpoint, which mobile apps, desktop publishing clients and services such as Jetpack use to manage the site remotely.

New XML-RPC Path

By default the XML-RPC endpoint is served at domain_root/xmlrpc.php. This option changes the path to any other value, so the protocol cannot be reached by anyone who does not know the new path. Note that this is obscurity, not authentication: stock WordPress advertises the endpoint through the X-Pingback response header and the EditURI (RSD) link in the page head, so the rewritten path only stays private if those references are rewritten or removed as well, and every method behind it still behaves exactly as before.

Block default xmlrpc.php

This blocks the default path, making the service unavailable at domain_name/xmlrpc.php.
The New XML-RPC Path option has to be filled in for this option to work; otherwise there would be no path left on which legitimate clients can reach the service.

Disable XML-RPC methods requiring authentication

WordPress registers the following XML-RPC methods by default. The wp.*, blogger.*, metaWeblog.* and most mt.* methods take a username and password with every call (mt.supportedMethods and mt.supportedTextFilters are the exceptions), and those are the methods this option targets; the system.*, demo.* and pingback.* methods are served without credentials:

  • system.multicall
  • system.listMethods
  • system.getCapabilities
  • demo.addTwoNumbers
  • demo.sayHello
  • pingback.extensions.getPingbacks
  • pingback.ping
  • mt.publishPost
  • mt.getTrackbackPings
  • mt.supportedTextFilters
  • mt.supportedMethods
  • mt.setPostCategories
  • mt.getPostCategories
  • mt.getRecentPostTitles
  • mt.getCategoryList
  • metaWeblog.getUsersBlogs
  • metaWeblog.deletePost
  • metaWeblog.newMediaObject
  • metaWeblog.getCategories
  • metaWeblog.getRecentPosts
  • metaWeblog.getPost
  • metaWeblog.editPost
  • metaWeblog.newPost
  • blogger.deletePost
  • blogger.editPost
  • blogger.newPost
  • blogger.getRecentPosts
  • blogger.getPost
  • blogger.getUserInfo
  • blogger.getUsersBlogs
  • wp.restoreRevision
  • wp.getRevisions
  • wp.getPostTypes
  • wp.getPostType
  • wp.getPostFormats
  • wp.getMediaLibrary
  • wp.getMediaItem
  • wp.getCommentStatusList
  • wp.newComment
  • wp.editComment
  • wp.deleteComment
  • wp.getComments
  • wp.getComment
  • wp.setOptions
  • wp.getOptions
  • wp.getPageTemplates
  • wp.getPageStatusList
  • wp.getPostStatusList
  • wp.getCommentCount
  • wp.deleteFile
  • wp.uploadFile
  • wp.suggestCategories
  • wp.deleteCategory
  • wp.newCategory
  • wp.getTags
  • wp.getCategories
  • wp.getAuthors
  • wp.getPageList
  • wp.editPage
  • wp.deletePage
  • wp.newPage
  • wp.getPages
  • wp.getPage
  • wp.editProfile
  • wp.getProfile
  • wp.getUsers
  • wp.getUser
  • wp.getTaxonomies
  • wp.getTaxonomy
  • wp.getTerms
  • wp.getTerm
  • wp.deleteTerm
  • wp.editTerm
  • wp.newTerm
  • wp.getPosts
  • wp.getPost
  • wp.deletePost
  • wp.editPost
  • wp.newPost
  • wp.getUsersBlogs

When the option is active, calls to the methods that require authentication are rejected.
Brute force attacks often target the XML-RPC service: every authenticated call carries a username and password that WordPress checks against the database, and system.multicall lets a single HTTP request bundle hundreds of such calls, sidestepping rate limits that count requests to wp-login.php. It is therefore advisable to enable this option unless the service is needed for a specific purpose, such as a remote mobile app.

Disable XML-RPC

Disabling the XML-RPC service in WordPress altogether is a prudent step to harden a site that does not need it. The service serves legitimate purposes, but it is a well-known target for credential guessing and abuse, so on a site where nothing uses it the endpoint is only a liability. Removing it significantly reduces the exposure to unauthorized access and brute force attacks.
Before disabling XML-RPC, make sure the service is not used for any of the following:

  • Mobile Apps: XML-RPC allows users to manage their WordPress sites via mobile apps. This feature makes it convenient for bloggers and administrators to create, edit, or delete posts from smartphones and tablets.
  • Third-Party Services: Many third-party services, like Jetpack, rely on XML-RPC to connect to WordPress sites for features such as monitoring, statistics, and site management.
  • Content Syndication: XML-RPC can be used to syndicate content between different WordPress sites, sharing posts and updates.

The Benefits of Disabling XML-RPC:

  • Improved Security: disabling XML-RPC removes an entry point that attackers use for password guessing and other malicious activity.
  • Reduced Server Load: an open pingback.ping method lets a caller make the site fetch arbitrary URLs, so the endpoint can be abused to exhaust the server or to reflect denial-of-service traffic at third parties; closing it removes that load.
  • Better Control: with the endpoint gone, content can only be changed through the interfaces you actually use, minimizing the risk of unauthorized access or content manipulation.

Remove pingback

A pingback is one of four types of linkback methods that let web authors request notification when somebody links to one of their documents, so they can keep track of who is linking to or referring to their articles. This option removes that functionality. The underlying pingback.ping method makes the site fetch a URL chosen by the caller, which has been abused both to reach internal services from the server (SSRF) and to turn WordPress sites into reflectors for denial-of-service attacks, so removing it is worthwhile on any site that does not rely on pingbacks.

General / Html User Interactions

Through the User Interactions interface, different types of user actions can be blocked, limiting how a visitor's browser can interact with your pages. These restrictions are implemented with JavaScript running in the visitor's browser: they deter casual copying, but they cannot stop a user who disables scripts, saves the page, or fetches it with another HTTP tool, because the HTML, CSS and JavaScript are still delivered to the client.

The following options are available:

  • Disable Mouse right click
  • Disable Text Selection
  • Disable Copy
  • Disable Cut
  • Disable Paste
  • Disable Print
  • Disable Print Screen
  • Disable Developer Tools
  • Disable View Source
  • Disable Drag / Drop

 
Disable Mouse right click
Disabling the right mouse click on your pages makes it harder to copy site content through the context menu.
Some plugins, mainly visual editors, rely on the right-click menu; if you use such code, set this option to No.

 
Disable Text Selection
When the option is active, text on the pages cannot be selected. This is useful when you do not want the site texts to be copied.

 
Disable Copy
Through this option, the browser copy functionality is disabled.

Disable Cut
Through this option, the browser cut functionality is disabled.

Disable Paste
Through this option, the browser paste functionality is disabled.

Disable Print
When the option is active, the browser's Print dialogue is suppressed, so the site cannot be printed from the browser.

 
Disable Print Screen
The Print Screen key captures an image of the entire screen and copies it to the clipboard in the computer's memory.
If that functionality is not wanted, this option helps to discourage it. A web page cannot intercept the operating system's screen capture itself; the option can only react to the key event inside the browser, so treat it as a deterrent rather than a control.

 
Disable Developer Tools
Every modern web browser includes a powerful set of Developer Tools through which a user can inspect the currently loaded HTML, CSS and JavaScript.
To make it harder for a visitor to dig into your site architecture, the functionality can be blocked with this option. Browsers offer several ways to open the tools (menu, keyboard shortcut, remote debugging) and page scripts can only react to some of them, so the option raises the effort required rather than hiding the assets.

 
Disable View Source
The page source is the HTML delivered to the browser. HTML tags, together with CSS and JavaScript, tell the browser what to display and how.
Generally, to make the page source harder to reach from the browser menu, the option should be activated. The same markup is still sent to every client and can be read with any HTTP tool, so this protects against casual inspection only.

 

 
Disable Drag / Drop
The drag and drop operation describes the action of selecting an object or text on the page and moving it to a different area.
To disable the functionality, set the option to Yes.

General / HTML – WP Die

This functionality is available in the PRO version.

WordPress provides a default error screen, which displays a standardized layout for various error or notice situations. By default the layout consists of a simple message with minimal styling. This default appearance, although functional, is immediately recognisable as output of a WordPress website, so it gives away the platform to anyone who triggers an error.

This is how the default screen shows up on WordPress:

This option offers a way to change the screen layout and create a custom one that integrates seamlessly with your website's aesthetics, so that error pages no longer reveal the platform.

Change default cache folder

When the PostProcessing functionality is used, the module processes each of the site's CSS and JavaScript assets. This can take additional time, depending on the site type and its dependencies.

To reduce the processing time on subsequent page loads, the core saves each processed chunk locally in a cache folder.

The default location for the files is /cache/wph/. It can be customised through the constant WPH_CACHE_FOLDER in wp-config.php:

define('WPH_CACHE_FOLDER', 'cache/data');

Once the change is saved, clear the site cache so that the new location takes effect. The new folder has to be writable by the PHP process, otherwise the processed assets cannot be stored.

General / Html Text Replace

This functionality is available in the PRO version.

The feature provides a visual interface for arbitrary text replacement in the generated HTML. The substitution is case-sensitive, and leading or trailing spaces in the search text are used as entered. The replacements occur only on the front end.

This is intended for long texts, where a match is unambiguous. Short words may produce unexpected results if they also occur elsewhere in the markup. If small groups of characters need to be changed (e.g. wp-, elementor, builder), the Html/Css/JS Replacements feature should be used instead.

General / Html Emulate CMS

With this option the system tries to mislead anyone fingerprinting the site by emitting the traces of a different, selected CMS in place of the WordPress ones.
A false lead adds a layer of defence: attackers and automated scanners spend their effort looking for, and attempting to exploit, software that does not exist on the server. This only works if the genuine WordPress traces have been removed by the other options; a page that carries both sets of traces is simply identified as WordPress.

The plugin can emulate systems like:

  • Drupal – Drupal is a free and open-source web content management framework.
  • Ghost – Ghost is a free and open-source blogging platform written in JavaScript, designed to simplify the process of online publishing for individual bloggers as well as online publications.
  • HubSpot – HubSpot is a marketing and sales software that helps companies attract visitors, convert leads, and close customers.
  • Joomla – Joomla is a free and open-source content management system for publishing web content.
  • TYPO3 – TYPO3 is a free and open-source Web content management system written in PHP.
  • Wix – Wix provides cloud-based web development services, allowing users to create HTML5 websites and mobile sites.
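The script below is added as an example and is not the plugin's own code. It is a way to check whether emulation is convincing: it scans a page's response headers and HTML for the traces scanners use to identify WordPress and reports which CMS the page claims to be. The trace patterns are assumptions based on common fingerprinting heuristics, not WP Hide's rules, and the two sample pages (a stock WordPress front page and the same site after rewriting and emulating Drupal) are constructed for the demonstration.

```python
"""Check whether a page still carries WordPress fingerprints.

Added example for this documentation; it is not the WP Hide plugin's own
code. Emulating another CMS only misleads a scanner if the usual WordPress
traces are gone, so this script scans response headers and HTML for them
and reports which CMS the page claims to be. The trace patterns are
assumptions based on common fingerprinting heuristics, and the two sample
pages below are constructed for the demonstration.
"""
import re
import urllib.request

# Markup that identifies a WordPress site (assumed heuristics).
WP_TRACES = {
    "generator meta": re.compile(r'<meta[^>]+name=["\']generator["\'][^>]*WordPress', re.I),
    "wp-content path": re.compile(r"/wp-content/", re.I),
    "wp-includes path": re.compile(r"/wp-includes/", re.I),
    "wp-json link": re.compile(r"/wp-json/", re.I),
    "RSD (EditURI) link": re.compile(r'rel=["\']EditURI["\']', re.I),
    "xmlrpc.php reference": re.compile(r"xmlrpc\.php", re.I),
    "wp-login/wp-admin link": re.compile(r"/wp-(login\.php|admin/)", re.I),
}

# Response headers WordPress adds; a value of None means any value counts.
WP_HEADERS = {
    "x-pingback": None,
    "link": re.compile(r"wp-json|api\.w\.org", re.I),
}

# Strings a scanner would accept as evidence of the emulated CMS (assumed).
CMS_TRACES = {
    "Drupal": re.compile(r"drupal", re.I),
    "Ghost": re.compile(r"ghost", re.I),
    "HubSpot": re.compile(r"hubspot|hs-scripts", re.I),
    "Joomla": re.compile(r"joomla", re.I),
    "TYPO3": re.compile(r"typo3", re.I),
    "Wix": re.compile(r"wix(static|site)?\.com", re.I),
}

GENERATOR = re.compile(r'<meta[^>]+name=["\']generator["\'][^>]+content=["\']([^"\']+)', re.I)


def fingerprint(html: str, headers: dict) -> dict:
    """Report remaining WordPress traces and the CMS the page advertises."""
    traces = [name for name, rx in WP_TRACES.items() if rx.search(html)]
    for header, rx in WP_HEADERS.items():
        value = next((v for k, v in headers.items() if k.lower() == header), None)
        if value is not None and (rx is None or rx.search(value)):
            traces.append(f"{header} header")
    generator = GENERATOR.search(html)
    return {
        "wordpress_traces": traces,
        "generator": generator.group(1) if generator else None,
        "claimed_cms": [cms for cms, rx in CMS_TRACES.items() if rx.search(html)],
    }


def check_live(url: str, timeout: float = 10.0) -> dict:
    """Fetch a page (assumed URL) and fingerprint its headers and body."""
    with urllib.request.urlopen(url, timeout=timeout) as resp:
        return fingerprint(resp.read().decode("utf-8", "replace"),
                           dict(resp.headers))


# Constructed sample 1: a stock WordPress front page and its headers.
STOCK_HTML = """<html><head>
<meta name="generator" content="WordPress 6.4" />
<link rel="EditURI" type="application/rsd+xml" href="https://example.com/xmlrpc.php?rsd" />
<link rel="https://api.w.org/" href="https://example.com/wp-json/" />
<link rel="stylesheet" href="https://example.com/wp-content/themes/demo/style.css" />
<script src="https://example.com/wp-includes/js/jquery/jquery.min.js"></script>
</head><body></body></html>"""
STOCK_HEADERS = {
    "Content-Type": "text/html; charset=UTF-8",
    "X-Pingback": "https://example.com/xmlrpc.php",
    "Link": '<https://example.com/wp-json/>; rel="https://api.w.org/"',
}

# Constructed sample 2: the same site after rewriting its paths, removing
# the pingback header and emulating Drupal.
EMULATED_HTML = """<html><head>
<meta name="generator" content="Drupal 10 (https://www.drupal.org)" />
<link rel="stylesheet" href="https://example.com/sites/default/files/css/main.css" />
<script src="https://example.com/core/misc/drupal.js"></script>
</head><body></body></html>"""
EMULATED_HEADERS = {"Content-Type": "text/html; charset=UTF-8"}

if __name__ == "__main__":
    print(fingerprint(STOCK_HTML, STOCK_HEADERS))
    print(fingerprint(EMULATED_HTML, EMULATED_HEADERS))
```

Run check_live against the front page, a single post (where the X-Pingback header is normally sent) and an error page: the emulation is only convincing when wordpress_traces comes back empty on all of them and claimed_cms names the CMS you selected.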

wp-hide/interface/process/reserved_values

This functionality is available in the PRO version.

Name: wp-hide/interface/process/reserved_values
Type: Filter
Arguments:
(array) $reserved_values

Through this filter, the system reserved values can be changed by adding or removing specific slugs. A reserved_values item can contain a regex pattern, e.g. [^\w\-]wp[^\w\-]

The following example adds a new system reserved slug, "clear".
