Disabling Unused WordPress Features

Disabling unused WordPress features can reduce background requests, shrink front-end payload, and lower the attack surface. The key is to disable only what you understand and can test - some "performance" toggles can break checkout, dashboards, or editor behavior.

caution

Test changes on staging first. After each change, purge caches and verify key flows (login, forms, search, cart/checkout, wp-admin).

Quick Wins (Usually Safe)

These features are commonly disabled on performance-focused sites.

Disable Emojis and Embeds

If you use Perfmatters, enable its toggles (recommended for simplicity). Otherwise you can use a small MU plugin.

mu-disable-emojis-embeds.php
<?php
/**
 * Plugin Name: MU - Disable Emojis and Embeds
 */

// Emojis
remove_action('wp_head', 'print_emoji_detection_script', 7);
remove_action('admin_print_scripts', 'print_emoji_detection_script');
remove_action('wp_print_styles', 'print_emoji_styles');
remove_action('admin_print_styles', 'print_emoji_styles');
remove_filter('the_content_feed', 'wp_staticize_emoji');
remove_filter('comment_text_rss', 'wp_staticize_emoji');
remove_filter('wp_mail', 'wp_staticize_emoji_for_email');

// Embeds
remove_action('wp_head', 'wp_oembed_add_discovery_links');
remove_action('wp_head', 'wp_oembed_add_host_js');
add_filter('embed_oembed_discover', '__return_false');

Place it in wp-content/mu-plugins/.

Disable Pingbacks / Trackbacks

disable-pingbacks.sh
wp option update default_ping_status closed

Disable Comments (If You Don't Use Them)

disable-comments-defaults.sh
wp option update default_comment_status closed
wp option update comment_moderation 0

Tune Instead of Disabling (Commonly Safer)

Post Revisions

Instead of disabling revisions entirely, cap them.

cap-post-revisions.sh
wp config set WP_POST_REVISIONS 10 --raw

Autosave

Instead of trying to remove autosave via theme code, increase the interval.

tune-autosave-interval.sh
wp config set AUTOSAVE_INTERVAL 300 --raw

High-Risk Toggles

REST API

Many modern plugins (and WooCommerce) rely on REST endpoints. Disabling it is rarely worth the risk.

If you must restrict it, do it intentionally and test thoroughly.

Example: block REST API for non-logged-in users (use with caution)

restrict-rest-api.php
add_filter('rest_authentication_errors', function($access) {
  if (is_user_logged_in()) {
    return $access;
  }

  return new WP_Error('rest_disabled', 'REST API disabled.', ['status' => 403]);
});

WP-Cron

Disabling WP-Cron can reduce random background work on page loads, but you must replace it with a real cron.

disable-wp-cron.sh
wp config set DISABLE_WP_CRON true --raw

Example server cron (WP-CLI-based):

crontab-example.txt
*/5 * * * * cd /var/www/html && wp cron event run --due-now --quiet

Validate Your Changes

Confirm constants were written:

confirm-wp-config-constants.sh
grep -E "WP_POST_REVISIONS|AUTOSAVE_INTERVAL|DISABLE_WP_CRON" wp-config.php

Use DevTools Network to confirm removed scripts are no longer requested.
Re-run PageSpeed Insights for the same URL and compare metrics.

Quick Wins (Usually Safe)​

Disable Emojis and Embeds​

Disable Pingbacks / Trackbacks​

Disable Comments (If You Don't Use Them)​

Tune Instead of Disabling (Commonly Safer)​

Post Revisions​

Autosave​

High-Risk Toggles​

REST API​

WP-Cron​

Validate Your Changes​

What's Next​