If you're looking for the ultimate WordPress speed optimisation without relying on paid plugins like Perfmatters, you've just hit the jackpot. Below you'll find battle-tested tweaks you can apply manually via your functions.php or wp-config.php file to disable unnecessary features, reduce bloat, and dramatically improve your site speed.
Let's be honest — WordPress can sometimes feel like it's carrying around a bit too much holiday weight. These WordPress speed optimisation code snippets are like a digital diet plan for your website. And the best part? Unlike my attempts at actual dieting, these actually work! I've personally shaved entire seconds off load times with these tricks, which in website terms is like going from a mobility scooter to a Ferrari.
Table of Contents
- Disable Emojis
- Disable Dashicons
- Disable Embeds
- Disable XML-RPC
- Remove jQuery Migrate
- Hide WordPress Version
- Remove RSD & Shortlink Tags
- Disable RSS Feeds & Links
- Disable Self Pingbacks
- Disable REST API
- Disable Google Maps
- Exclude Post IDs
- Disable Comments
- Add Blank Favicon
- Remove Global Styles & Block Styles
- Tweak Autosave and Heartbeat
Disable Emojis
// WHAT THIS DOES: Removes the emoji scripts and styles that WordPress adds by default
// WHY IT HELPS: Reduces HTTP requests and saves ~15KB of unnecessary code
// WHO NEEDS THIS: Everyone who doesn't rely on WordPress's built-in emoji conversion
remove_action('wp_head', 'print_emoji_detection_script', 7);
remove_action('wp_print_styles', 'print_emoji_styles');
Explanation: WordPress automatically loads emoji support for all sites, even if you never use emojis. This code removes those extra files, making your site load a smidge faster. Most modern browsers and devices already support emojis natively, so WordPress's extra emoji code is redundant for most sites.
Benefits: Reduces page weight, eliminates unnecessary HTTP requests.
Drawbacks: If you use WordPress's emoji conversion feature (different from just typing emojis), those won't work anymore.
Disable Dashicons (for non-logged-in users)
// WHAT THIS DOES: Stops the WordPress admin icons (Dashicons) from loading for normal visitors
// WHY IT HELPS: Prevents downloading a ~45KB file your visitors don't need
// WHO NEEDS THIS: Anyone whose site doesn't use Dashicons in the front-end design
if (!is_user_logged_in()) {
add_action('wp_enqueue_scripts', function() {
wp_deregister_style('dashicons');
});
}
Explanation: Dashicons are the little icons used in the WordPress admin area. For some reason, WordPress loads these icons for everyone visiting your site, even though regular visitors never see the admin area. This code stops those icons from loading for non-logged-in users but keeps them working for admins.
Benefits: Eliminates an unnecessary 45KB download for most visitors.
Drawbacks: If your theme uses Dashicons on the frontend (rare, but possible), those icons will disappear.
Disable Embeds
// WHAT THIS DOES: Turns off WordPress's ability to embed content from other sites automatically
// WHY IT HELPS: Prevents loading the embed script (~5KB) and improves privacy
// WHO NEEDS THIS: Anyone who doesn't need auto-embedded YouTube/Twitter/etc content
function disable_embeds_code_init() {
// Remove REST API endpoint for embeds
remove_action('rest_api_init', 'wp_oembed_register_route');
// Turn off oEmbed auto discovery
remove_filter('rest_pre_serve_request', '_oembed_rest_pre_serve_request', 10);
// Don't filter oEmbed results
remove_filter('oembed_dataparse', 'wp_filter_oembed_result', 10);
// Remove oEmbed discovery links
remove_action('wp_head', 'wp_oembed_add_discovery_links');
// Remove oEmbed JavaScript from header
remove_action('wp_head', 'wp_oembed_add_host_js');
// Remove filter of the oEmbed result before any HTTP requests are made
remove_filter('pre_oembed_result', 'wp_filter_pre_oembed_result', 10);
}
add_action('init', 'disable_embeds_code_init', 9999);
Explanation: WordPress has a feature where you can paste a YouTube URL and it automatically converts it to an embedded video. This is called oEmbed, and it loads extra JavaScript even if you never use it. This code turns off that entire system, making your site leaner.
Benefits: Removes unnecessary scripts, improves page load speed, and enhances privacy by preventing automatic connections to third-party sites.
Drawbacks: You'll need to use the actual embed code instead of just pasting URLs if you want to embed videos or tweets.
Disable XML-RPC
// WHAT THIS DOES: Turns off an older WordPress API system that can be a security risk
// WHY IT HELPS: Reduces attack surface and blocks a common entry point for hackers
// WHO NEEDS THIS: Anyone not using the WordPress mobile app or certain legacy tools
function disable_xmlrpc() {
add_filter('xmlrpc_enabled', '__return_false');
}
add_action('init', 'disable_xmlrpc');
Explanation: XML-RPC is an older system WordPress uses to allow remote connections, like from mobile apps. Unfortunately, it's also a favourite target for brute-force attacks and can put unnecessary load on your server. Unless you're using the WordPress mobile app or some older tools, you probably don't need it.
Benefits: Improves security by closing a common attack vector, reduces server load from malicious login attempts.
Drawbacks: WordPress mobile app and some third-party services that rely on XML-RPC will stop working.
"Security isn't just about having a strong password—it's about reducing your attack surface wherever possible. XML-RPC is one of those legacy features that creates more risk than reward for most sites."
— From our guide on WordPress Security Risks & Maintenance
Remove jQuery Migrate
// WHAT THIS DOES: Stops loading the jQuery compatibility script for older code
// WHY IT HELPS: Reduces JavaScript by ~10KB and makes jQuery load faster
// WHO NEEDS THIS: Sites using modern themes that don't rely on deprecated jQuery
function dequeue_jquery_migrate($scripts) {
if (!is_admin() && isset($scripts->registered['jquery'])) {
$script = $scripts->registered['jquery'];
if ($script->deps) {
// Remove jQuery Migrate from the dependencies
$script->deps = array_diff($script->deps, ['jquery-migrate']);
}
}
}
add_filter('wp_default_scripts', 'dequeue_jquery_migrate');
Explanation: jQuery Migrate helps old jQuery code work with newer versions of jQuery. If your theme and plugins are all reasonably up-to-date, you probably don't need this compatibility layer. Removing it makes your site load faster.
Benefits: Reduces JavaScript payload, speeds up jQuery initialization.
Drawbacks: May break functionality in older themes or plugins that rely on deprecated jQuery functions.
Hide WordPress Version
// WHAT THIS DOES: Removes the WordPress version number from your site's HTML source
// WHY IT HELPS: Makes it harder for hackers to target known vulnerabilities in your WordPress version
// WHO NEEDS THIS: Everyone concerned about security (which should be everyone!)
remove_action('wp_head', 'wp_generator');
Explanation: By default, WordPress broadcasts its exact version number in your page's HTML. This is like putting a sign on your door telling burglars exactly what lock you're using. This code removes that information, making it slightly harder for hackers to know which vulnerabilities might work on your site.
Benefits: Basic security improvement that hides unnecessary information from potential attackers.
Drawbacks: None! This is a no-brainer for everyone.
Remove RSD & Shortlink Tags
// WHAT THIS DOES: Removes "Really Simple Discovery" link and WordPress shortlink from HTML head
// WHY IT HELPS: Cleans up your HTML and removes unused metadata
// WHO NEEDS THIS: Anyone not using XML-RPC services or WordPress shortlinks
remove_action('wp_head', 'rsd_link');
remove_action('wp_head', 'wp_shortlink_wp_head');
Explanation: WordPress adds several extra links in your HTML's <head> section that most sites never use. RSD (Really Simple Discovery) links are for old blogging tools, and shortlinks are rarely used by most site owners. This code removes both, making your HTML cleaner.
Benefits: Cleaner HTML code, marginally faster page loads.
Drawbacks: If you actually use WordPress shortlinks or XML-RPC blogging clients (rare these days), those features would be affected.
Disable RSS Feeds & Links
// WHAT THIS DOES: Turns off RSS feeds and removes feed links from your site's header
// WHY IT HELPS: Prevents wasted resources generating unused feeds and reduces HTML clutter
// WHO NEEDS THIS: Sites that don't use RSS for content syndication
function disable_feeds() {
// Show an error message when someone tries to access a feed
wp_die(__('No feed available.'));
}
// Disable all types of feeds
add_action('do_feed', 'disable_feeds', 1);
add_action('do_feed_rdf', 'disable_feeds', 1);
add_action('do_feed_rss', 'disable_feeds', 1);
add_action('do_feed_rss2', 'disable_feeds', 1);
add_action('do_feed_atom', 'disable_feeds', 1);
// Remove feed links from head
remove_action('wp_head', 'feed_links', 2);
remove_action('wp_head', 'feed_links_extra', 3);
Explanation: WordPress automatically creates RSS feeds for your content and adds links to those feeds in your site's HTML. If you're not using RSS (most modern sites aren't), these are just wasting server resources and adding clutter to your HTML.
Benefits: Reduces server load, simplifies HTML, prevents feed crawlers from accessing unused content.
Drawbacks: Anyone using feed readers to follow your content won't be able to anymore. If you have readers who subscribe via RSS, don't use this.
Disable Self Pingbacks
// WHAT THIS DOES: Prevents WordPress from notifying itself when you link to your own content
// WHY IT HELPS: Reduces database clutter and unnecessary server processing
// WHO NEEDS THIS: Everyone (self-pingbacks serve no practical purpose)
function disable_self_pings(&$links) {
foreach ($links as $l => $link) {
// Check if the link is to your own site
if (0 === strpos($link, get_option('home'))) unset($links[$l]);
}
}
add_action('pre_ping', 'disable_self_pings');
Explanation: When you link to another WordPress site, WordPress sends a "pingback" to notify that site. Oddly, WordPress also sends these notifications to itself when you link to your own content. This creates pointless database entries and wastes processing time. This code stops WordPress from pinging itself.
Benefits: Reduces unnecessary database entries, prevents wasted processing power.
Drawbacks: None! This is a pure improvement.
Disable REST API (Front-end only)
// WHAT THIS DOES: Turns off WordPress's modern API for front-end visitors
// WHY IT HELPS: Reduces potential attack vectors and eliminates unnecessary endpoints
// WHO NEEDS THIS: Sites not using the block editor or API-dependent features
// WARNING: Will break the block editor and some modern plugins
add_filter('rest_enabled', '__return_false');
add_filter('rest_jsonp_enabled', '__return_false');
remove_action('xmlrpc_rsd_apis', 'rest_output_rsd');
remove_action('wp_head', 'rest_output_link_wp_head', 10);
remove_action('template_redirect', 'rest_output_link_header', 11);
Explanation: The WordPress REST API allows external access to your WordPress data through JSON endpoints. While it enables modern features like the block editor, it also exposes more of your site data publicly. This code disables it for front-end visitors while keeping it available in the admin area.
Benefits: Improved security, fewer exposed endpoints.
Drawbacks: Will break the Gutenberg block editor and many modern plugins. Only use this if you're using the classic editor and don't have plugins that depend on the REST API.
"When optimising WordPress, it's always a balance between speed and functionality. The REST API is essential for modern WordPress features, but if you're sticking with classic tools, disabling it can give you a security boost."
— From our post on WordPress Turbo Hosting
Disable Google Maps (loaded via theme or plugin)
// WHAT THIS DOES: Prevents Google Maps scripts from loading on all pages
// WHY IT HELPS: Eliminates a large JavaScript file (~45KB) when not needed
// WHO NEEDS THIS: Sites with maps only on specific pages, or not using maps at all
// NOTE: You'll need to adjust 'google-maps' to match your theme's script handle
function dequeue_gmaps() {
// Remove Google Maps scripts (customize the handle name as needed)
wp_dequeue_script('google-maps');
wp_deregister_script('google-maps');
}
add_action('wp_enqueue_scripts', 'dequeue_gmaps', 100);
Explanation: Many themes load Google Maps on every page, even if you only use maps on your contact page. This wastes bandwidth and slows loading on all your other pages. This code removes Google Maps scripts entirely.
Benefits: Faster page loads, reduced external dependencies.
Drawbacks: Maps won't work anywhere on your site. If you need maps on specific pages, consider a more selective solution or only use this code on pages without maps.
Exclude Post IDs from Homepage
// WHAT THIS DOES: Prevents specific posts from appearing on your homepage
// WHY IT HELPS: Lets you hide certain content without using complex plugins
// WHO NEEDS THIS: Anyone with posts that should be accessible but not featured
function exclude_posts_home($query) {
if ($query->is_home() && $query->is_main_query()) {
// Replace these numbers with the IDs of posts you want to exclude
$query->set('post__not_in', [23, 19]);
}
}
add_action('pre_get_posts', 'exclude_posts_home');
Explanation: Sometimes you have content that should be published but not displayed on your main blog page. Maybe it's a thank-you post or specialized content only accessible via direct links. This code lets you hide specific posts from your homepage while keeping them published and accessible via direct URLs.
Benefits: More control over homepage content without needing additional plugins.
Drawbacks: None, as long as you correctly identify the post IDs you want to exclude.
Disable Comments Site-wide
// WHAT THIS DOES: Completely removes comment functionality from your WordPress site
// WHY IT HELPS: Eliminates comment-related code, database queries, and spam risks
// WHO NEEDS THIS: Sites that don't need or want user comments
add_action('admin_init', function() {
// Loop through all post types
foreach (get_post_types() as $type) {
// Check if the post type supports comments
if (post_type_supports($type, 'comments')) {
// Remove comment support
remove_post_type_support($type, 'comments');
// Remove trackback support too
remove_post_type_support($type, 'trackbacks');
}
}
});
Explanation: If you don't use comments on your site, why load all the comment-related code and deal with potential spam? This code completely disables comment functionality across your entire site, for all post types. It's a more thorough solution than just turning comments off in the settings.
Benefits: Eliminates comment-related spam, simplifies your admin area, improves security, speeds up page loads.
Drawbacks: You won't be able to use comments anywhere (obviously). If you want commenting on just some content, this isn't the right approach.
Add Blank Favicon
// WHAT THIS DOES: Stops WordPress from trying to show your site icon in browsers
// WHY IT HELPS: Prevents 404 errors if you haven't set up a favicon
// WHO NEEDS THIS: Sites without a custom favicon that don't want to use the default
remove_action('wp_head', 'wp_site_icon', 99);
Explanation: WordPress tries to display a site icon (favicon) in browser tabs, but if you haven't set one up, this can cause 404 errors. If you don't have a favicon and don't want one, this code prevents WordPress from trying to display it, eliminating those 404 errors.
Benefits: Prevents unnecessary 404 errors in browser consoles.
Drawbacks: You won't have any site icon in browser tabs unless you add one manually with your own code.
Remove Global Styles & Separate Block Styles
// WHAT THIS DOES: Removes WordPress's default CSS for the block editor
// WHY IT HELPS: Eliminates ~30KB of CSS that might be unnecessary
// WHO NEEDS THIS: Sites using classic editor or custom block styling
add_action('wp_enqueue_scripts', function() {
// Remove global styles added by WordPress 5.9+
wp_dequeue_style('global-styles');
// Remove default block library CSS
wp_dequeue_style('wp-block-library');
});
Explanation: WordPress includes a bunch of CSS styles for the block editor, even on sites that don't use blocks or have their own custom styling. This code removes those default styles, making your site leaner if you don't need them.
Benefits: Reduces CSS payload, fewer render-blocking resources.
Drawbacks: If you're using the block editor, your blocks might look unstyled or broken. Only use this if you have custom block styling or don't use the block editor at all.
"WordPress's block editor brought modern editing capabilities, but also added extra code weight. If you're sticking with the classic editor for its simplicity, you might as well remove the unused block code."
— From our post Creating a WordPress Website: A Beginner's Guide
Tweak Autosave and Heartbeat
In wp-config.php:
// WHAT THIS DOES: Changes how often WordPress automatically saves your drafts
// WHY IT HELPS: Reduces server load from frequent autosaves
// WHO NEEDS THIS: Sites with long-form content or multiple concurrent editors
// Set autosave to every 3 minutes instead of default 1 minute
define('AUTOSAVE_INTERVAL', 180);
In functions.php:
// WHAT THIS DOES: Completely disables the WordPress Heartbeat API
// WHY IT HELPS: Eliminates AJAX polling that happens every 15-60 seconds
// WHO NEEDS THIS: Sites where admin performance is more important than real-time updates
// CAUTION: Will disable some real-time features in the WordPress admin
add_filter('heartbeat_send', '__return_false');
Or to reduce frequency instead:
// WHAT THIS DOES: Slows down the Heartbeat API instead of disabling it completely
// WHY IT HELPS: Reduces AJAX requests while keeping functionality
// WHO NEEDS THIS: A good compromise for most WordPress sites
add_filter('heartbeat_settings', function($settings) {
// Change polling interval to 15 seconds (default is often 5 seconds)
$settings['interval'] = 15;
return $settings;
});
Explanation: WordPress has two background processes that can be resource-intensive: Autosave and Heartbeat. Autosave automatically saves your drafts while editing, and Heartbeat is an AJAX polling system that enables real-time updates in the admin area. Both can put unnecessary load on your server.
Benefits: Reduced server load, better admin performance, less resource usage.
Drawbacks: Less frequent draft saving (could lose more work in case of a crash), and reducing/disabling Heartbeat affects real-time notifications and post locking in the admin area.
Final Word
None of these changes are permanent—you can always re-enable features by removing or commenting out the relevant code. For those who prefer a simpler, UI-based approach, tools like Perfmatters are great—but if you're comfortable with code, these tweaks give you more control and better speed, for free.
I've been implementing these tweaks on client sites for years, and the performance gains can be genuinely impressive. On one recent project, we shaved off nearly a second of load time just by applying these "digital weight loss" techniques. That might not sound like much until you realise that studies show 40% of visitors abandon sites that take more than 3 seconds to load!
At this point, I should probably charge you for this information, but I'll settle for a cuppa if we ever meet. These optimisations have saved my bacon on countless projects where clients demanded faster sites without additional costs. It's amazing how impressed people are when you turn their digital tortoise into a hare with just a few lines of code.
"Speed isn't just a technical metric—it's a core component of user experience. Every millisecond you shave off load times translates to improved engagement and conversion rates."
— From our guide on Best WordPress Hosting for 2025
How can I improve WordPress speed without using plugins?
You can enhance WordPress speed without plugins by implementing manual optimizations like disabling emojis, dashicons, embeds, XML-RPC, jQuery Migrate, and other unnecessary elements that can impact site performance.
What are the benefits of disabling emojis in WordPress?
Disabling emojis in WordPress can lead to enhanced site speed by reducing unnecessary script loading and improving overall performance by eliminating elements that may not be essential for the site's functionality.
What are the security benefits of removing XML-RPC from WordPress?
Removing XML-RPC from WordPress can enhance security by eliminating a potential entry point for attackers, reducing the risk of brute force attacks and unauthorized access to the site through this protocol.
How can I hide the WordPress version from the site's HTML source?
You can hide the WordPress version from the site's HTML source by modifying the functions.php file or using specific code snippets that prevent the version number from being exposed, thereby enhancing security by reducing the risk of potential vulnerabilities.
How can I prevent WordPress from notifying itself when linking to own content?
You can prevent WordPress from self-pingbacks by disabling this feature in the WordPress settings, which helps improve database efficiency and prevents unnecessary notifications that do not add value to the site.
What are the potential drawbacks of disabling RSS feeds and links in WordPress?
Disabling RSS feeds and links in WordPress may limit content distribution options and reduce engagement possibilities with external platforms, potentially impacting the reach and visibility of the site's content beyond its domain.
How can I exclude specific post IDs from the homepage in WordPress?
You can exclude specific post IDs from the homepage in WordPress by utilizing code snippets or plugins that allow you to customize the query for the homepage, ensuring that selected posts are not displayed on the main page.
What are the advantages of removing global styles and separate block styles in WordPress?
Removing global styles and separate block styles in WordPress can streamline the site's design consistency, reduce unnecessary CSS loading, and optimize performance by eliminating redundant styling elements that may not be required for the site's layout.
How can I tweak autosave and heartbeat settings in WordPress for improved performance?
You can enhance WordPress performance by adjusting autosave and heartbeat settings to reduce the frequency of automatic saves and heartbeats, thereby decreasing server load and optimizing resources for better site responsiveness.
What are the recommended techniques for WordPress speed optimization without plugins?
Recommended techniques for WordPress speed optimization without plugins include manual adjustments like disabling unnecessary features, cleaning up code, optimizing settings, and customizing functionalities tailored to improve site performance and security.
What are the key features of Elementor Pro for WordPress?
Elementor Pro for WordPress offers advanced features like theme builder, popup builder, WooCommerce builder, dynamic content, custom CSS, motion effects, form integrations, and more, empowering users to create visually stunning websites with enhanced customization and functionality.
How do I add a blank favicon in WordPress?
To add a blank favicon in WordPress, you can upload a transparent or blank image file as the site's favicon through the WordPress Customizer or by manually editing the theme's header.php file to link to the blank favicon image.
What is the impact of disabling comments site-wide in WordPress?
Disabling comments site-wide in WordPress can streamline site maintenance, reduce spam risks, improve page loading speed, and enhance user experience by focusing on content without distractions from comments.
How can I disable Google Maps loaded via theme or plugin in WordPress?
You can disable Google Maps loaded via theme or plugin in WordPress by removing or deactivating the specific map integration code, ensuring that unnecessary map scripts are not loaded on the site to optimize performance and reduce server requests.
Learn more about our WordPress Hosting.
Want expert help optimising your WordPress site? Get in touch with us at 365i. We live and breathe fast, secure, no-nonsense WordPress Hosting: https://staging.365i.co.uk/wordpress-hosting/.
When you host with us, many of these optimisations come pre-configured on our WordPress Turbo Hosting platform, so you can focus on creating content, not tweaking code. And if we're being honest, wouldn't you rather be doing literally anything other than debugging your functions.php file on a Friday night?
