Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Disable admin-ajax on the front-end of WordPress sites and cache the resulting 404.
<?php
if(
strpos( $_SERVER['HTTP_REFERER'], 'wp-admin' ) === false &&
strpos( $_SERVER['REQUEST_URI'], 'admin-ajax.php' ) !== false
) {
header( 'Cache-Control: max-age=30000, must-revalidate' );
header( 'Expires: ' . gmdate( 'D, d M Y H:i:s', strtotime( '+5000 minutes' ) ) . ' GMT' );
header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s', strtotime( '-5000 minutes' ) ) . ' GMT' );
header( $_SERVER["SERVER_PROTOCOL"]." 404 Not Found" );
die;
}
@jessuppi

This comment has been minimized.

Copy link

@jessuppi jessuppi commented Mar 21, 2018

Thanks Mike! We launched a free WordPress plugin inspired in part by your snippet:

https://wordpress.org/plugins/disable-admin-ajax-littlebizzy/
https://github.com/littlebizzy/disable-admin-ajax

We've mentioned you in the readme.txt as well.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.