Several opinionated WordPress tweaks focused in security and performance.
- Produces clean filenames for uploads
- Change admin footer text
- Disable author page and author search by url
- Disable emoji mess
- Disable “meta widget”
- Disable WP REST API public access
- Disable “website” field from comment form
- Disable wp embed
- Disable xmlrpc.php
- Show admin bar for admin users only
- Hide WordPress update nag to all but admins
- Remove “WordPress logo” from admin bar
- Remove “+ New” button from admin bar
- Remove some dashboard widgets
- Remove <link rel=”shortlink” >
- Remove dashboard “welcome panel”
- Remove WordPress version number in <head>
- and more…
Note: is possible disable any feature.
For bugs, suggestions or contribuitions, open a issue in our Github Repository or create a topic in WordPress Plugin Forum.
Support this plugin on https://luizpb.com/donate/
- Install the plugin through the WordPress plugins screen directly.
- Activate the plugin through the “Plugins” screen in WordPress.
- Go to Settings > Tweaks to configure the plugin.
7 September 2022 1 reply
I appreciate this plugin as it contains clean up options for WordPress. Thank you.
16 April 2022 1 reply
This plugin is great! It has all the right stuff. I just think it only needs to remove "Comments" from the admin bar and add the functions that this plugin does: WP Core Update Cleaner. Anyway, great job!
10 August 2018 1 reply
Gostei do plugin, agiliza bastante na hora de dar uma otimizada
Contributors and Developers
“WP Tweaks” is open source software. The following people have contributed to this plugin.Contributors
Translate “WP Tweaks” into your language.
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
1.9.2 – 2023-01-18
- Fix settings link.
1.9.1 – 2023-01-11
- Removed “Disallow your site in iframes” option. Utilize the “Security Headers” option instead.
1.9.0 – 2023-01-10
- Feature: Disable jQuery Migrate (enabled by default).
- Feature: Security Headers (disabled by default).
- Tweak: improve some options.
1.8.0 – 2022-12-11
- Security: Now is possible disallow to render your site in a
<object>outside of your site. Useful to avoid click-jacking attacks.
- Security: Now is possible disable the
/usersendpoint in the REST API, to prevent users enumeration.
1.7.1 – 2022-07-29
- Fix: Option ‘Remove Dashboard “welcome panel”‘ was not working.
- Misc: Improve colors on warning about debug constants.
1.7.0 – 2022-07-29
- Security: Now is possible display a generic error message when a user fails to login (instead of hints). This option is enabled by default.
- Misc: Now is possible change the menu “Posts” to “Blog”. This option is disabled by default.
- Security: The plugin now warns administrators that some WordPress constants (like WP_DEBUG) are enabled. This option is ALWAYS enabled.
- Tested with WordPress 6.0
1.6.0 – 2022-04-27
- Tested with WordPress 5.9
- Now is possible to remove ‘Comments’ from admin bar (default: Off)
- Now the option “Remove oEmbed support” is Off by default
- Improved and fixed portuguese translation
- Small enchantments
1.5.1 – 2021-03-26
- Fix disallow file edit setting
- Now is possible to disable author query and author pages separately
1.5.0 – 2020-04-19
- New Feature: Disallow file edit
1.4.0 – 2020-04-18
- New Feature: remove “Howdy” from admin bar
1.3.2 – 2020-04-18
- Fixed: Can not disable some options
1.3.1 – 2020-04-18
- Fix PHP Warning
1.3.0 – 2020-04-18
- Removed “jQuery CDN” option
1.2.0 – 2018-10-16
- New Feature: hide WordPress version in admin footer
- Tweak: jQuery default version now is 2.2.4
- Tweak: added description to informs the jQuery stable versions
- Tweak: informs that jQuery Migrate also is disabled when using jQuery from CDN
- Fix typos
1.1.0 – 2018-07-18
- New Feature: dashboard page with only one column
- Fix some typos
1.0.0 – 2018-05-23
- Initial release.