How to Disable Dashicons in WordPress?

Dashicons is the official icon font of the WordPress.

There are two ways.

1. Custom code in function.php

add_action('wp_enqueue_scripts', 'ec_disable_dashicons');

function ec_disable_dashicons(){

    if(!is_user_logged_in()) {

        wp_dequeue_style('dashicons');
    wp_deregister_style('dashicons');
    }
}

2. Using EC Addons

How to Disable EMOJIS in WordPress?

They are smileys used on the Internet. If you don’t use it, Emojis script (wp-emoji-release.min.js) in WordPress creates an extra request, which adds to total page load time, and slows down your WordPress site. Professional website never use it.

For more info https://wordpress.org/support/article/emoji/

There are two ways.

1. Custom code in function.php

add_action( 'init', 'ec_emoji_scripts' );
function ec_emoji_scripts() {
	remove_action( 'wp_head', 'print_emoji_detection_script', 7 );
	remove_action( 'admin_print_scripts', 'print_emoji_detection_script' );
	remove_action( 'wp_print_styles', 'print_emoji_styles' );
	remove_action( 'admin_print_styles', 'print_emoji_styles' ); 
	remove_filter( 'the_content_feed', 'wp_staticize_emoji' );
	remove_filter( 'comment_text_rss', 'wp_staticize_emoji' ); 
	remove_filter( 'wp_mail', 'wp_staticize_emoji_for_email' );
	
	add_filter('tiny_mce_plugins', function ($plugins) {
		if (is_array($plugins)) {
			return array_diff($plugins, array('wpemoji'));
		} else {
			return array();
		}
	});

	add_filter('wp_resource_hints', function ($urls, $relation_type) {
		if ('dns-prefetch' === $relation_type) {							
			$emoji_svg_url = apply_filters('emoji_svg_url', 'https://s.w.org/images/core/emoji/2/svg/');

			$urls = array_diff($urls, array($emoji_svg_url));
		}

		return $urls;
	}, 10, 2);
}

2. Using EC Addons

How to Disable Embeds in WordPress?

WordPress site now to load the wp-embed.min.js file. And this loads on every single page.
The request itself is sometimes a bigger deal than the content download size.

There are two ways.

1. Custom code in function.php

add_action('init', 'ec_disable_embeds', 9999);
function ec_disable_embeds(){
	global $wp;
	$wp->public_query_vars = array_diff($wp->public_query_vars, array('embed'));
	add_filter('embed_oembed_discover', '__return_false');
	remove_filter('oembed_dataparse', 'wp_filter_oembed_result', 10);
	remove_action('wp_head', 'wp_oembed_add_discovery_links');
	remove_action('wp_head', 'wp_oembed_add_host_js');
	add_filter('tiny_mce_plugins', function( $plugins ) {
		return array_diff($plugins, array('wpembed'));
	});
	add_filter('rewrite_rules_array', function($rules) {
		foreach($rules as $rule => $rewrite) {
			if(false !== strpos($rewrite, 'embed=true')) {
				unset($rules[$rule]);
			}
		}
		return $rules;
	});
	remove_filter('pre_oembed_result', 'wp_filter_pre_oembed_result', 10);
}

2. Using EC Addons

How to Disable Password Strength Meter in WordPress

Introduced in recent versions of WooCommerce and WordPress, there is an integrated Password Strength Meter which forces users to use strong passwords.

It loads below file
password-strength-meter.min.js
zxcvbn.min.js

There are two ways.

1. Custom code in function.php

add_action('wp_print_scripts', function(){				
	if( is_admin() ) {
		return;
	}				
	
	if( ( isset($GLOBALS['pagenow']) && $GLOBALS['pagenow'] === 'wp-login.php' ) || ( isset($_GET['action']) && in_array($_GET['action'], array('register','rp', 'lostpassword' )) ) ) {
		return;
	}
	
	if( class_exists('WooCommerce') && (is_account_page() || is_checkout()) ) {
		return;
	}
	
	wp_dequeue_script('password-strength-meter');
	wp_deregister_script('password-strength-meter');

	wp_dequeue_script('wc-password-strength-meter');
	wp_deregister_script('wc-password-strength-meter');
	
	wp_dequeue_script('zxcvbn-async');
	wp_deregister_script('zxcvbn-async');
	
}, 100);

2. Using EC Addons

How To Remove wlwmanifest from WordPress?

WordPress automatically adds a wlwmanifest link to your site header for Windows Live Writer support. This is a link tag with a reference to your site's wlwmanifest.xml file:

Like.
<link rel="wlwmanifest" type="application/wlwmanifest+xml" href="https://ecaddons.com/wp-includes/wlwmanifest.xml" />

There are two ways.

1. Custom code in function.php

remove_action('wp_head', 'wlwmanifest_link');

2. Using EC Addons

How to Disable RSS Feed from WordPress?

RSS (RDF Site Summary or Really Simple Syndication) is a web feed that allows users and applications to access updates to websites in a standardized, computer.

There are two ways.

1. Custom code in function.php

function ec_disable_rss() {
 wp_die( __( 'No feed available, please visit the homepage!' ) );
}

add_action('do_feed', 'ec_disable_rss', 1);
add_action('do_feed_rdf', 'ec_disable_rss', 1);
add_action('do_feed_rss', 'ec_disable_rss', 1);
add_action('do_feed_rss2', 'ec_disable_rss', 1);
add_action('do_feed_atom', 'ec_disable_rss', 1);
add_action('do_feed_rss2_comments', 'ec_disable_rss', 1);
add_action('do_feed_atom_comments', 'ec_disable_rss', 1);

remove_action('wp_head', 'wlwmanifest_link');

2. Using EC Addons

How to Disable Trackbacks and Pings or Self Pingbacks on WordPress?

Trackbacks and Pings or Self Pingbacks allow blogs to notify each other that they have linked to a post. However, today it is mainly used by spammers to send trackbacks from spam websites.

There are two ways.

1. Custom code in function.php

function ec_disable_self_pingbacks( &$links ) {
foreach ( $links as $l => $link )
if ( 0 === strpos( $link, get_option( 'home' ) ) )
unset($links[$l]);
}
add_action( 'pre_ping', 'ec_disable_self_pingbacks' );

2. .htaccess

# Block WordPress xmlrpc.php requests

order deny,allow
deny from all
allow from xxx.xxx.xxx.xxx

Trackbacks and Pings or Self Pingbacks allow blogs to notify each other that they have linked to a post. However, today it is mainly used by spammers to send trackbacks from spam websites.

3. Using EC Addons

How to Disable XMLRPC.PHP FOR WORDPRESS?

XML-RPC for WordPress was designed to enable remote connections between your site and external applications.

WHY SHOULD I DISABLE XML-RPC?

There are security risks associated with leaving XML-RPC enabled. 
These can include: Brute Force Attacks and DDoS Attack

There are two ways.

1. Custom code in function.php

add_filter('xmlrpc_enabled', '__return_false');
add_filter('wp_headers', 'removeXPingback');
add_filter('pings_open', '__return_false', 9999);
function removeXPingback($headers) {
	unset($headers['X-Pingback'], $headers['x-pingback']);
	return $headers;
}

2. .htaccess

# Block WordPress xmlrpc.php requests

order deny,allow
deny from all
allow from xxx.xxx.xxx.xxx

You can replace xxx.xxx.xxx.xxx with an IP address you wish to give access to xmlrpc.php. If you wish to remove access completely, you can simply remove this line.

3. Using EC Addons

How to Remove WordPress Version Number?

By default, WordPress leaves its footprints on your site for the sake of tracking. In sometimes this footprint might be a security leak on your site if you are not running the most updated version of WordPress.

There are two ways.

1. Custom code in function.php

remove_action('wp_head', 'wp_generator');
add_filter('the_generator', function(){
	return '';
});

2. Using EC Addons

That's all, I hope it helped you in your WordPress site.If you have liked this post, please share it, and don't forget to share your thoughts.