Another 5 Things Your WordPress Site Doesn’t Need

This is the third segment in a series on removing stuff from WordPress. I recommend you check out Part 1 and Part 2.

Things you should remove from your WordPress site
You should remove as much junk as possible from your WordPress site

The last couple of articles on this subject garnered plenty of interesting responses and suggestions from our readers, which I thought warranted a third post in the series.

So here we go with yet another 5 things that you can remove from WordPress, all in the name of making your site faster, simpler and more secure.

1. Your WordPress version number

This is a handy WordPress security tip, procured from our very own Mason James. (Thanks for doing my work for me)

Having your WordPress version number output by the wp_generator() function could have a negative impact on your site’s security.

Making your WordPress version number available (as it is by default) can make it easier for hackers to use a known weakness in that version. The easiest way to get rid of this is to add the following to your theme’s function.php:

remove_action(‘wp_head’, ‘wp_generator’);

2. Zip files from theme and plugin uploads

Make your WordPress site cleaner and simplerIf you upload themes and plugins to your WordPress installation manually, you’ll be left with a bunch of .zip files sitting around on your server. These are just dead weight and there’s no need to keep them. Get on in there and do a bit of housekeeping.

3. The ‘Tools’ menu

In the left sidebar of your dashboard. You ever used it before? Me neither.

Unless you have some specific reason for keeping it around, the Tools menu is one more piece of dashboard clutter you can safely get rid of.

4. The ‘Links’ menu

Another less-than-useful dashboard menu. Granted, the links in question point to some very important information resources.

But anyone with a more than a passing familiarity with WordPress knows all these sites already. Unless you’re a total WP newbie who’s still learning to walk, you’re probably never going to use the Links menu.

To remove both the Tools and Links menus from your WordPress dashboard, open the functions.php file in your Theme editor and paste the following code:

	add_action( 'admin_menu', 'my_remove_menu_pages' );

	function my_remove_menu_pages() {

5. Any widgets that you’re not going to to use

For your own personal WordPress site, useless widgets are just a waste of space. For a client’s site, they’re a potential headache waiting to happen (if your client decides to do a little widget experimentation without really knowing what they’re doing).

Take a long, hard look at that group of widgets, and bring down the axe on anything that’s not relevant or useful to the website.

Removing available widgets from the dashboard entirely is a fairly advanced procedure – check out this page in the WordPress Codex for further info.

Got anything to add to the list?

If you can suggest anything else than can and should be removed from WordPress, that we didn’t cover in Part 1 or Part 2, please let us know in the comment sections below.

Image credits: Goodbye and Businessman Throwing Trash from Bigstockphoto.

39 Responses

  • New Recruit

    I always remove rsd_link (support for Really Simple Discovery) & wlwmanifest_link (support for Windows Live Writer) for two reasons, 1. I don’t need them 2. they don’t validate!

    to remove them bunge this in your functions.php

    function removeHeadLinks() {
    remove_action('wp_head', 'rsd_link');
    remove_action('wp_head', 'wlwmanifest_link');
    add_action('init', 'removeHeadLinks');

  • Is there a quick/easy way to remove sidebar widgets across a multisite install? The way I’m doing it now involves going into each theme function file, but that’s kind of a pain.

  • @Tim this is great post. I have removed Post revisions, Unused themes/plugins and WordPress version.

    I would like know if it safe to remove the default WordPress theme? as you didn’t mentioned it in any of the 3 post.

    • If you’re not using it, you can definitely remove it. However, if you use a multisite setup and allow signups, the default theme is most likely the theme that will be automatically assigned…so I wouldn’t remove it in that situation.

  • I agree about removing Links and Tools, however, keep in mind there are some plugins that add their menu under Tools. I don’t recall which ones off the top of my head.

  • Regenerate Thumbnails and Redirection both add their menus under ‘Tools’ and they’re two of my more frequently used plugins. Appreciate the other tips though.

  • Tools? Do you mean the much ignored “Available Tools” sub-item? There are anywhere from 5-10 Tools, filed there, I use all the time, and there are some plugins that should be filed under it, rather than Settings.

  • Tim
    WPMU DEV Initiate

    I’m always keen on getting rid of things in the default WordPress, especially when using for multisite. I find the overuse of branding to be a tad annoying sometimes.

    I keep myself a private log, in a text file of things to change on every new release and I do this before upgraded. I know some people will say “I got a plugin that does that” But really…. I would rather not add needless plugins which ultimately help to increase the overheads required to run a multisite install.

    Anyway, I digress. In the comments I saw someone mention about widgets. One widget which annoys me and is near the top of the list of changes I make is the Dashboard widget and the other is the default WordPress widget. So for a quickie, here is what I change :-)

    Dashboard Settings:


    `//Primary feed (Dev Blog)
    //Secondary feed (Planet)

    They both have lines like this:

    ‘link’ => apply_filters( ‘dashboard_primary_link’, __( ‘’ ) ),
    ‘url’ => apply_filters( ‘dashboard_primary_feed’, __( ‘’ ) ),
    ‘title’ => apply_filters( ‘dashboard_primary_title’, __( ‘My Sites Name’ ) ),`

    I change that to a feed which helps keep my users up to date on our work, not the work of some third system which only stands to confuse them. They are not techies and most like care not what WP is. They only wish for something ease of use and access to relevant information.

    Default Widget – WordPress Address


    `<a href="; title="”>`

    I have a long list of things my sites don’t need, but these two are good for now. :-)

    Some theme developers like to add their own default widgets with links and advertising in as well. But thats another story.

  • I was about to say something about the Tools menu being essential for several plugins but I see that has already been mentioned in the comments (though it shoudl definitely have been brought up in the original article). A much more serious problem is the tip to remove the Links manager. I personally will use this information to remove it, but only because I’m adding my own “Link” custom post type to replace it. The article mentions links as if they were only a place for quick navigation to sections of the WordPress site, when it is of course really a place for the web site administrator to add his own links to whatever sites about which he wants to alert his readers. Many blogs have a Blogrool section in the sidebar, the links displayed there are edited in the Link manager.

  • If I’m using 20 MBs on a 150GB server, why should I care about some zipped theme/plugin files lying around? Not being a smartass, I’m honestly curious.

    • By removing them you reduce the surface area for attacks.

      Every theme, plugin or script you have installed has code that makes it operate. All too often, that code has bugs. Even a minor bug today can be turned into a major ordeal when a new mechanism of exploitation is discovered and “script kiddies” add an automated attack to their tools. The TimThumb exploit is a perfect example of this situation. Check out this article for “why”.

      From the day the TimThumb WP exploits were discovered until now (only 4 months or so) there have been hundreds of thousands of sites that were exploited thru the hole…and the worst part is that nearly all of them could have avoided infection simply by removing the vulnerable themes or plugins – which probably weren’t even in use!

  • One thing to remember is disabling the WordPress version tag helos, but if u use a cache system like w3 total cache without URL rewriting, you can stilk see the version number on each include like

Comments are closed.