From c4b7b0ad342251281ad67db475c5b05bae56f0de Mon Sep 17 00:00:00 2001
From: James Hunt <10615884+thetwopct@users.noreply.github.com>
Date: Tue, 14 Mar 2023 22:16:46 +0700
Subject: [PATCH] #749 Adding xml-rpc prevention filters

---
 .../themes/lfevents/library/cleanup.php       | 20 ++++++++++++++++---
 1 file changed, 17 insertions(+), 3 deletions(-)

diff --git a/web/wp-content/themes/lfevents/library/cleanup.php b/web/wp-content/themes/lfevents/library/cleanup.php
index 405cd017f..f34e245ea 100755
--- a/web/wp-content/themes/lfevents/library/cleanup.php
+++ b/web/wp-content/themes/lfevents/library/cleanup.php
@@ -75,13 +75,27 @@ function foundationpress_cleanup_head() {
 		// Emoji styles.
 		remove_action( 'wp_print_styles', 'print_emoji_styles' );
 
+		// Remove emojis.
 		add_filter( 'emoji_svg_url', '__return_false' );
 
-		// stop xmlrpc.
-		add_filter( 'xmlrpc_enabled', '__return_false' );
-
 		// remove application passwords.
 		add_filter( 'wp_is_application_passwords_available', '__return_false' );
+
+		// controls whether XML-RPC methods requiring authentication are enabled.
+		add_filter( 'xmlrpc_enabled', '__return_false' );
+
+		// Unregister the whole XML-RPC method space.
+		add_filter( 'xmlrpc_methods', fn( $methods ) => array() );
+
+		// deactivate x-pingback HTTP header.
+		add_filter(
+			'wp_headers',
+			function( $headers ) {
+				unset( $headers['X-Pingback'] );
+				return $headers;
+			}
+		);
+
 	}
 endif;