wp-privacy/wp-api-privacy 问题修复 & 功能扩展

解决BUG、新增功能、兼容多环境部署,快速响应你的开发需求

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

wp-privacy/wp-api-privacy

Composer 安装命令:

composer require wp-privacy/wp-api-privacy

包简介

Strips potentially identifying information from outbound requests to the WordPress.org API

README 文档

README

The default WordPress installation from wordpress.org automatically transmits extraneous information via various HTTP calls that occur in the admin. Some of this data may be cause for concern from a privacy perspective.

This plugin seeks to limit that information, attempting to further protect your privacy in the process. Simply install this plugin and activate it, and various aspects of WordPress that are questionable from a privacy perspective will be modified.

To find out about recent changes, please read the Changelog.

Modifications Made

Default outgoing HTTP requests to third-party services like the plugin and theme update mechanism at WordPress.org contains site and version information in the User-Agent header. For example, all requests contain your website name in the form of http://mysite.com, and a version string such as 6.6, giving third-parties detailed information about your site. Combining this information with your IP address (which all servers can determine from incoming requests), provides the recipient with potentially intrusive insight into every website using the WordPress platform.

Once active, the plugin strips can be configured to strip this information so requests do not contain information about the domain name that requested them or which version of WordPress it was using. Some API calls, such as the ones to the plugin listings, also contain a version parameter to filter the associated list of plugins - these are left in.

Plugin And Theme Data

When a default WordPress installation contains WordPress.org requests information about plugin and theme updates, it sends detailed information about every plugin and theme on your WordPress site, including all the plugin and theme headers available. This occurs even for private plugins or themes, or plugins and themes that are not hosted on WordPress.org.

After activation, any plugins or themes that update from third-party repositories (as indicated by the Update URI in the plugin header) will be filtered on all outbound requests.

Core Requests

When WordPress attempts to do a core software update, it sends along detailed information such as your site URL, how many users you have, how many blogs you have, your MySQL version, your PHP version, the type of server you have (i.e Mac, Linux, Windows, etc) and all the PHP extensions you have on your site. This information can also be selectively filtered to only provide what's absolutey essential to the WordPress API servers.

Installation

You can install the package either via a ZIP file, or by using composer. Please note, this plugin is still in active development - please don't install it on any production sites, but feel free to test it on development or less essential sites to help provide feedback.

ZIP File

Navigate to the "Releases" section in the sidebar, and click on the latest release. Inside the release you will see a ZIP file that looks like wp-api-privacy.zip. Simply download that file and then use the WordPress plugin installer in the admin panel to add it.

Composer

You can add the plugin to your website using Composer. First navigate to your main WordPress directory.

The execute the command:

composer require wp-privacy/wp-api-privacy

This will install the plugin to your wp-content/plugins directory. Once done, navigate to your plugins page in the WordPress admin panel and activate the plugin.

Future Updates

The plugin will automatically fetch updates via the WordPress admin from this Github repository using the WordPress update mechanism (you will be notified in the admin when an update is available).

Verification

After installing the plugin, you can also use the "HTTP Requests Manager" plugin to verify the user-agent field has been changed to "WordPress/Private", and that the plugin information is stripped of any plugins hosted off-site.

wp-privacy/wp-api-privacy 适用场景与选型建议

wp-privacy/wp-api-privacy 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 2.65k 次下载、GitHub Stars 达 163, 最近一次更新时间为 2024 年 11 月 07 日, 在 PHP 生态内属于活跃度较高的组件。

它主要适用于以下技术方向: 「plugin」 「wordpress」 「privacy」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。

我们在过去多个企业项目中使用过 wp-privacy/wp-api-privacy 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 wp-privacy/wp-api-privacy 我们能提供哪些服务?
定制开发 / 二次开发

基于 wp-privacy/wp-api-privacy 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 2.65k
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 163
  • 点击次数: 9
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 163
  • Watchers: 15
  • Forks: 10
  • 开发语言: PHP

其他信息

  • 授权协议: GPL-3.0-or-later
  • 更新时间: 2024-11-07