Is there any plugin or method to know outgoing data? Nowadays every 5th plugin use to fetch data from sites. And I noticed that plugin authors are very enjoying this function. But as plugin users I’m liking it sometimes.
So far I’ve been digging into plugin files to remove their codes. But its not possible to do after every plugin update.
I think this features is facilitated by wordpress own functions. Is there any method to turn it off?
For example Yoast seo plugin uses this file to fetch information about users. He even gets contents from database queries. Isn’t it too much? The same way any plugin can get passwords too.
The functionality of making network requests for getting and sending data is abstracted into HTTP API in WordPress. As long as plugins do use related functions (and not make requests directly via raw PHP) you have degree of control over the behavior.
The easiest way is probably to only whitelist hosts you need/trust and leave rest blocked.
define( 'WP_HTTP_BLOCK_EXTERNAL', true ); define( 'WP_ACCESSIBLE_HOSTS', 'api.wordpress.org,*.github.com' );
See Block External URL Requests in Codex.