Skip to content

[WordPress Plug-in] Killer Pads is a plugin like security pads for "prevention is better than cure". It activates the default configuration of security and operational efficiency to WordPress websites.

License

Notifications You must be signed in to change notification settings

kodansha/killer-pads

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

31 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Killer Pads (WordPress Plug-in)

Killer Pads is a plugin like security pads for "prevention is better than cure". It activates the default configuration of security and operational efficiency to WordPress websites.

Features

Admin page customization

  • Disable admin dashboard page
  • Add favicon to admin pages (favicon.ico, favicon.png or favicon.svg must be placed in your theme's root directory)
  • Disable post autosave
  • Disable comments features by default

Remove REST routes

  • Remove all routes except ones used by famous plugins and explicitly whitelisted

Security concerns

  • Disable XML-RPC

Installation

This plugin is intended to be installed exclusively via Composer.

Configure your composer.json like the following:

{
  // ... snip ...
  "require": {
    // ... snip ...
    "kodansha/killer-pads": "^1.0.0",
    // ... snip ...
  },
  // ... snip ...
}

Configuration

REST routes

By default, only the following namespaces are allowed in whitelist:

  • api
  • preview

If you want to provide your own whitelist (e.g. wp/v2), add the following to wp-config.php:

define('KILLER_PADS_NAMESPACE_WHITELIST', ['wp/v2', 'preview']);

Warning Rest routes that start with /wp/v2/users are always blocked even when the wp/v2 namespace is whitelisted.

Remove Dashboard function configuration

When activating this plugin, admin home page is being redirected to /edit.php?post_type=post. If you want to change the path to be redirected, add the following to wp-config.php:

define('KILLER_PADS_ADMIN_HOME_PAGE_PATH', "edit.php?post_type=page");

Enable comments

Comments features are completely disabled by default. If you want to use comments and need to show comments menu in admin pages, add the following to wp-config.php:

define('KILLER_PADS_ENABLE_COMMENTS', true);

About

[WordPress Plug-in] Killer Pads is a plugin like security pads for "prevention is better than cure". It activates the default configuration of security and operational efficiency to WordPress websites.

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages