WordPress is a large content management system that adds plenty of features to your published site. Most site owners do not need these default additions for running a blog or simple website. It is also necessary to optimize WordPress site in order to load faster and protect from malicious attackers to keep it sage. In this article, we will explain the complete list of WordPress default additions and how to disable these items in WordPress for security and optimization reasons.
Frontend and Backend Items to Disable
WordPress has both frontend and backend items that you may not need in all situations. Let us explain here with few examples before going to the complete list.
- You are running a content site and do not have any blog on the site. In this case, you can simply disable blog related stuffs like comments, pingbacks, gravatar, feeds, etc.
- You are primarily working with custom post types that supports the old Classic Editor. This essentially means, you do not the scripts and styles from Gutenberg editor both in backend and frontend.
- You are not using emoji or embedding content from other websites. Here, you can improve the page loading speed by disabling emoji and embed scripts loading on each page on your site.
The list is so big that you will be surprised to know that WordPress adds so many unnecessary items on your website.
Do I Need to Disable All Items?
The answers depends on the type of site you run and the functionalities you need. As mentioned, most of these default items are not needed and you can remove them safely to protect your site and improve page loading speed.
Complete List of Items to Disable in WordPress
Here is a complete list of items that you can disable in WordPress. We have provided each item with the purpose and reason why you may need to remove from your site.
|Item to Disable||What it Does?||Reason for Removal|
|Feeds||WordPress generates multiple RSS and ATOM feeds for feedreaders to grab your latest content.||Many auto-blogging plugins will use these feeds to scarp content from your site without permission. Therefore, if you are using feedreaders for offering content to your readers, it is good idea to disable these feeds.|
|RSD Links||WordPress adds Really Simple Discovery (RSD) links in the header. This is useful for publishing content with third-party blogging clients.||Cleanup header to load the page faster.|
|WLW manifest Link||Windows Live Writer (WLW) links for publishing content when using Windows Live Writer.||Note needed if you are not using Windows Live Writer.|
|XML-RPC||This is a WordPress feature to enable external data transmission through HTTP protocol.||Remove for security reasons. Some functions like WordPress Jetpack mobile apps will not work if you disable XML-RPC.|
|Gravatar||Small profile picture linked to your email and loaded from gravatar.com. These images are attractive when loaded with comments to see the user’s profile image.||Loading gravatar images will drag the page’s speed by requesting multiple HTTP calls from gravatar.com. You can disable this for reducing HTTP requests and improving page loading speed.|
|WordPress Version||By default, WordPress will use a generator meta tag in the header to add the installed version.||This can create a security problem when you are using older versions.|
|Shortlink||WordPress adds a permanent link of the page like “url/?p=123” in the header.||When you use different permalink structure this will be an overhead.|
|Previous and next post links||Links to previous and next blog post is inserted in WordPress header.||Generally, your theme will offer previous / next post links after the content area. Therefore, you can remove this unnecessary code from the header section.|
|Embeds||WordPress embeds help you to paste the URL from any supported service provider to show the content. For example, simply paste any image URL to insert the image using Embed block in Gutenberg editor.||Anyone can also past your site’s URL to consume bandwidth of your server. You can disable embeds if not using on your site.|
|Heartbeat API||API to get live data update in WordPress admin dashboard.||Disable this as it can drain server resource.|
|JSON API||This is a REST API that helps developers to use the content. You can view the content using “yoursite.com/ wp-json/wp/v2”.||You can disable for security reason and prevent content scraping. However, some plugins may not work if you disable this feature. Make sure to test the site thoroughly after disabling.|
|Query Strings||Theme and plugins developers add the version at the end of CSS and JS files. It may look like yourplugin.css/?v1.0.||Query strings can’t be cached as the version will change frequently. This will create speed problems in Google PageSpeed Insights and other tools.|
|Website Link in Comments Form||By default, WordPress offers a comment form that includes name, email and website URL. The website URL will be linked automatically to the comment submitter in published site.||This is the major source of comment spam. You can remove this to accept comments only from legitimate users.|
|Comments||By default, comments are enabled in blog posts in WordPress.||You can disable this when you do not have blog on your site.|
|Self-Pingbacks||Pingback feature will track the mention of the post URL and link to comment section of the post. Self-pingback is created when you use a link in your own blog.||This is unnecessary junk and clutter the comment section of your posts.|
|jQuery Migrate||WordPress stopped using jQuery Migrate from version 5.5. Some of your plugins and theme may load this for compatibility reason.||Disable if your site does not need this.|
|Dashicons||This is the official WordPress icons used on admin panel.||You can remove them from the frontend if loaded by your theme or plugin.|
|Attachment Page||WordPress created attachment page for each media file you upload. This page contains only an image or media you have uploaded causing thin content problem.||Redirect all attachment pages to parent posts using Yoast SEO, Rank Math or similar plugin to improve the SEO.|
|Disable Smart Quotes||By default, WordPress uses smart quotes in the editor. This can create problem when you want to showcase a piece of code.||Disable smart quotes and use straight quotes to avoid confusion.|
|Disable Revisions||Additional post type generated by WordPress for versioning and restoring purposes.||You do not need revisions unless you are preparing mission critical content in the editor.|
|Date Archives||Archive page based on the published date of the article.||This archive page will be same as your blog index page. So, you can remove if not needed.|
|Author Archive||Archive page created for each author on your site.||Unnecessary for a single author blog to avoid duplication with blog index page.|
|Disable Updates||WordPress offers auto-update feature for theme, plugins and core WordPress.||Auto-updating without testing can create ultimate disaster if a plugin or theme create conflicts with your setup.|
|Disable Auto Paragraph||Auto formatting in editor.||You can disable auto formatting if not needed.|
|Readme.txt||Default file supplied with WordPress that you can access from the browser.||Delete for security reasons.|
|Password Strength Meter||WordPress and WooCommerce loads a script to force users to use strong passwords.||Disable this script on the pages where you do not need passwords to be used.|
|WooCommerce AJAX||AJAX calls from WooCommerce plugin for cart and dashboard widgets update.||Disable this to improve the page loading speed, especially when you have no cart on the page.|
|Google Fonts||Many themes load Google Fonts downloading multiple files.||Page speed killer as the font loading will stop rendering your page content. Either combine or disable Google Fonts to speed up your site.|
|Gutenberg Editor||Default WordPress editor for content editing and formatting.||You can disable Gutenberg if you are primarily handling custom post types like WooCommerce products or bbPress forum that works with Classic Editor.|
How to Remove Default Items in WordPress?
Now, the question is how to remove these default items from the site. Unfortunately, you may not be able to remove all these items using a single plugin. You may need to use multiple plugins depending upon the need. In addition, your caching or speed optimization plugin may offer some of these functions like disabling emoji script. Therefore, you may need multiple plugins to completely get rid of these items from your site.
Here are some of the recommendations from our point of view:
- WP Rocket
- Clearfy – WordPress optimization plugin and disable ultimate tweaker
- SG Security and SG Optimizer combination for SiteGround users
You can use Perfmatters and WP Rocket combination to get the maximum optimization. However, both these plugins are available only as premium versions and you need to have a yearly subscription.