When you delve into the source code of a WordPress site, you’ll notice a lot of information between the <head></head> tags. This section, known as wp-head, contains various scripts, meta tags, and links that WordPress and its plugins generate. However, not everything in the wp-head is essential, and some of its elements might even pose security risks or performance issues. In this post, we’ll discuss why you should clean up your wp-head and how to go about doing it.
Why Clean Up wp-head?
- Security: Some elements, like the WordPress version number, can give malicious users a hint about potential vulnerabilities if you’re using an outdated version.
- Performance: Extra, unnecessary scripts and styles can slow down your website.
- Cleaner Code: If you’re a developer or designer, a tidy wp-head makes your source code easier to read and troubleshoot.
Disclaimer: This isn’t a one size fits all, make sure you are not making use of any of the features / functions we will be removing. before doing so.
How to Clean Up wp-head:
1. Remove WordPress Version Number:
Displaying the version of your WordPress can be a security risk. To remove it:
function remove_wp_version() {
return '';
}
add_filter('the_generator', 'remove_wp_version');2. Disable Emojis:
If you don’t need emojis, disabling them can reduce the number of HTTP requests, thus slightly improving performance.
function disable_wp_emojicons() {
emojis.remove_action('admin_print_styles', 'print_emoji_styles');
remove_action('wp_head', 'print_emoji_detection_script', 7);
remove_action('admin_print_scripts', 'print_emoji_detection_script');
remove_action('wp_print_styles', 'print_emoji_styles');
remove_filter('wp_mail', 'wp_staticize_emoji_for_email');
remove_filter('the_content_feed', 'wp_staticize_emoji'); remove_filter('comment_text_rss', 'wp_staticize_emoji'); add_filter('tiny_mce_plugins', 'disable_emojicons_tinymce');
}
function disable_emojicons_tinymce($plugins) {
if (is_array($plugins)) {
return array_diff($plugins, array('wpemoji'));
} else {
return array();
}
}
add_action('init', 'disable_wp_emojicons');3. Remove Really Simple Discovery (RSD) Links:
If you’re not integrating your blog with external services or tools, you can safely remove this.
remove_action('wp_head', 'rsd_link');
4. Remove Windows Live Writer Manifest:
Unless you’re using Windows Live Writer, you can remove this.
remove_action('wp_head', 'wlwmanifest_link');
5. Remove Shortlink:
If you don’t use WordPress shortlinks (the ?p=123 format), you can remove the shortlink tag.
remove_action('wp_head', 'wp_shortlink_wp_head');
6. Disable REST API Link Tag:
For added cleanliness, or if you’re not using the WordPress REST API:
remove_action('wp_head', 'rest_output_link_wp_head');
Implementing the Clean-Up:
To apply these changes, add the code snippets to your theme’s functions.php file. However, be cautious:
- Always back up your website before making changes to functions.php.
- Consider using a child theme, so updates to your main theme don’t overwrite custom changes.
Conclusion:
Cleaning up your wp-head is a straightforward process that can bolster your site’s security, performance, and cleanliness. While some of these tips offer minor performance gains, collectively they can contribute to a faster, safer, and more streamlined WordPress experience.