When you go to the Dashboard of your WordPress site, WordPress checks whether your browser is up-to-date, and displays a notice if it is not. However, the browser check is performed by an external site. WP sends such data as: visitor’s user agent string, WordPress version, and the URL of the blog (and, implicitly, its IP address). Unfortunately, there is no way to opt out of that in the Dashboard. Luckily, there is a solution.
By default, WordPress allows an unauthenticated user to view the list of the registered users with the help of the REST API. But, for example, to view the list of the users in the Dashboard, the user needs to have `list_users` capability (that is, be an Administrator). While the REST API does not expose sensitive information (such as emails) to unauthenticated users, it may be desirable to restrict `users` endpoint form unauthenticated users.
The article describes a way to use custom XML stylesheets for sitemaps generated by Yoast SEO plugin. Custom stylesheets can be good if you want to get rid of spammy links back to Yoast website in every generated sitemap file.
Yesterday I made a terrible mistake by updating Yoast SEO plugin to its latest version (8.3) without prior testing. This resulted in significant server load. Luckily, the fix was easy.