PHPackages wp-privacy/wp-api-privacy - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. wp-privacy/wp-api-privacy ActiveWordpress-plugin[Security](/categories/security) wp-privacy/wp-api-privacy ========================= Strips potentially identifying information from outbound requests to the WordPress.org API 1.2.4(1y ago)1632.0k↓50%10[3 PRs](https://github.com/wp-privacy/wp-api-privacy/pulls)GPL-3.0-or-laterPHP Since Nov 7Pushed 1y ago15 watchersCompare [ Source](https://github.com/wp-privacy/wp-api-privacy)[ Packagist](https://packagist.org/packages/wp-privacy/wp-api-privacy)[ Fund](https://www.buymeacoffee.com/duanestorey)[ GitHub Sponsors](https://github.com/duanestorey)[ RSS](/packages/wp-privacy-wp-api-privacy/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (10)Dependencies (2)Versions (22)Used By (0) WP API Privacy ============== [](#wp-api-privacy) The default WordPress installation from wordpress.org automatically transmits extraneous information via various HTTP calls that occur in the admin. Some of this data may be cause for concern from a privacy perspective. This plugin seeks to limit that information, attempting to further protect your privacy in the process. Simply install this plugin and activate it, and various aspects of WordPress that are questionable from a privacy perspective will be modified. To find out about recent changes, please [read the Changelog](CHANGELOG.md). Modifications Made ------------------ [](#modifications-made) Default outgoing HTTP requests to third-party services like the plugin and theme update mechanism at WordPress.org contains site and version information in the User-Agent header. For example, all requests contain your website name in the form of , and a version string such as 6.6, giving third-parties detailed information about your site. Combining this information with your IP address (which all servers can determine from incoming requests), provides the recipient with potentially intrusive insight into every website using the WordPress platform. Once active, the plugin strips can be configured to strip this information so requests do not contain information about the domain name that requested them or which version of WordPress it was using. Some API calls, such as the ones to the plugin listings, also contain a version parameter to filter the associated list of plugins - these are left in. ### Plugin And Theme Data [](#plugin-and-theme-data) When a default WordPress installation contains WordPress.org requests information about plugin and theme updates, it sends detailed information about every plugin and theme on your WordPress site, including all the plugin and theme headers available. This occurs even for private plugins or themes, or plugins and themes that are not hosted on WordPress.org. After activation, any plugins or themes that update from third-party repositories (as indicated by the *Update URI* in the plugin header) will be filtered on all outbound requests. ### Core Requests [](#core-requests) When WordPress attempts to do a core software update, it sends along detailed information such as your site URL, how many users you have, how many blogs you have, your MySQL version, your PHP version, the type of server you have (i.e Mac, Linux, Windows, etc) and all the PHP extensions you have on your site. This information can also be selectively filtered to only provide what's absolutey essential to the WordPress API servers. Installation ------------ [](#installation) You can install the package either via a ZIP file, or by using composer. Please note, this plugin is still in active development - please don't install it on any production sites, but feel free to test it on development or less essential sites to help provide feedback. ### ZIP File [](#zip-file) Navigate to the "Releases" [section in the sidebar](https://github.com/wp-privacy/wp-api-privacy/releases/latest), and click on the latest release. Inside the release you will see a ZIP file that looks like *wp-api-privacy.zip*. Simply download that file and then use the WordPress plugin installer in the admin panel to add it. ### Composer [](#composer) You can add the plugin to your website using Composer. First navigate to your main WordPress directory. The execute the command: ``` composer require wp-privacy/wp-api-privacy ``` This will install the plugin to your wp-content/plugins directory. Once done, navigate to your plugins page in the WordPress admin panel and activate the plugin. ### Future Updates [](#future-updates) The plugin will automatically fetch updates via the WordPress admin from this Github repository using the WordPress update mechanism (you will be notified in the admin when an update is available). Verification ------------ [](#verification) After installing the plugin, you can also use the "HTTP Requests Manager" plugin to verify the user-agent field has been changed to "WordPress/Private", and that the plugin information is stripped of any plugins hosted off-site. ### Health Score 39 — LowBetter than 86% of packages Maintenance40 Moderate activity, may be stable Popularity37 Limited adoption so far Community22 Small or concentrated contributor base Maturity48 Maturing project, gaining track record Bus Factor1 Top contributor holds 88.1% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~2 days Recently: every ~10 days Total 20 Last Release 506d ago Major Versions 0.0.7 → 1.0.02024-11-07 ### Community Maintainers ![](https://www.gravatar.com/avatar/c3678b43d6295dd2bc70e261515a0a7ca3bb738b62914f5e6413f65ba260580d?d=identicon)[duanestorey](/maintainers/duanestorey) --- Top Contributors [![duanestorey](https://avatars.githubusercontent.com/u/366185?v=4)](https://github.com/duanestorey "duanestorey (170 commits)")[![wp-privacy](https://avatars.githubusercontent.com/u/187593277?v=4)](https://github.com/wp-privacy "wp-privacy (12 commits)")[![alexclassroom](https://avatars.githubusercontent.com/u/11472643?v=4)](https://github.com/alexclassroom "alexclassroom (5 commits)")[![keremerkan](https://avatars.githubusercontent.com/u/1952491?v=4)](https://github.com/keremerkan "keremerkan (2 commits)")[![javiercasares](https://avatars.githubusercontent.com/u/10290686?v=4)](https://github.com/javiercasares "javiercasares (1 commits)")[![jdevalk](https://avatars.githubusercontent.com/u/487629?v=4)](https://github.com/jdevalk "jdevalk (1 commits)")[![qasedak](https://avatars.githubusercontent.com/u/9540896?v=4)](https://github.com/qasedak "qasedak (1 commits)")[![craigrileyuk](https://avatars.githubusercontent.com/u/68274157?v=4)](https://github.com/craigrileyuk "craigrileyuk (1 commits)") --- Tags pluginwordpressprivacy ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/wp-privacy-wp-api-privacy/health.svg) ``` [![Health](https://phpackages.com/badges/wp-privacy-wp-api-privacy/health.svg)](https://phpackages.com/packages/wp-privacy-wp-api-privacy) ``` ### Alternatives [10up/elasticpress Supercharge WordPress with Elasticsearch. 1.3k374.3k6](/packages/10up-elasticpress) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)