// ═══════════════════════════════════════════════════════ // IMAST SECURITY HARDENING // ═══════════════════════════════════════════════════════ // 1. Disable XML-RPC completely add_filter("xmlrpc_enabled", "__return_false"); add_filter("xmlrpc_methods", function() { return []; }); // 2. Hide WordPress version remove_action("wp_head", "wp_generator"); add_filter("the_generator", "__return_empty_string"); // 3. Block REST API user enumeration for unauthenticated users add_filter("rest_endpoints", function($endpoints) { if (!is_user_logged_in()) { unset($endpoints["/wp/v2/users"]); unset($endpoints["/wp/v2/users/(?P[\\d]+)"]); } return $endpoints; }); // 4. Block author enumeration add_action("template_redirect", function() { if (is_author()) { wp_redirect(home_url(), 301); exit; } }); // 5. Login rate limiting (5 attempts, 15 min lockout) add_filter("authenticate", function($user, $username, $password) { if (empty($username)) return $user; $ip = $_SERVER["REMOTE_ADDR"] ?? "unknown"; $attempts = get_transient("login_attempts_" . md5($ip)) ?: 0; if ($attempts >= 5) { return new WP_Error("too_many_attempts", "ERROR: Too many failed login attempts. Try again in 15 minutes."); } return $user; }, 30, 3); add_action("wp_login_failed", function($username) { $ip = $_SERVER["REMOTE_ADDR"] ?? "unknown"; $key = "login_attempts_" . md5($ip); set_transient($key, (get_transient($key) ?: 0) + 1, 15 * MINUTE_IN_SECONDS); }); add_action("wp_login", function() { delete_transient("login_attempts_" . md5($_SERVER["REMOTE_ADDR"] ?? "unknown")); }); // 6. Remove unnecessary headers add_action("init", function() { remove_action("wp_head", "wlwmanifest_link"); remove_action("wp_head", "rsd_link"); remove_action("wp_head", "wp_shortlink_wp_head"); }); // 7. Security headers add_action("send_headers", function() { if (!is_admin()) { header("X-Content-Type-Options: nosniff"); header("X-Frame-Options: SAMEORIGIN"); header("X-XSS-Protection: 1; mode=block"); header("Referrer-Policy: strict-origin-when-cross-origin"); } }); Page not found – IMAST CMS

IMAST CMS

Small totara tree on ridge above Long Point

Page not found

The page you are looking for doesn't exist, or it has been moved. Please try searching using the form below.