Stop WordPress auto-updates and control information shared with api.wordpress.org

wp-privacy.php

<?php
// you'll have to put a plugin header here

// Stop auto updated in WordPress 3.7+
add_filter( 'auto_update_core', '__return_false' );
add_filter( 'auto_update_plugin', '__return_false' );
add_filter( 'auto_update_theme', '__return_false' );
add_filter( 'auto_update_translation', '__return_false' );

// stop translation updates when updating plugins or themes
add_filter( 'async_update_translation', '__return_false' );

/**
Stop sending WordPress personal information about my blog
Don't send any information about personal themes or plugins to api.WordPress.org
Sent information includes current version of WordPress and your web address
Also any non-WordPress site plugins and also what plugins or theme you have active
*/
function private_update_check( $request, $url ) {
	if ( false !== strstr( $url, 'cron.php' ) ) {
		return $request;
	}

	$request['user-agent'] = 'WordPress;';
	if ( isset( $request['headers']['User-Agent'] ) ) {
		$request['headers']['User-Agent'] = 'WordPress';
	}
	if ( isset( $request['headers']['user-agent'] ) ) {
		$request['headers']['user-agent'] = 'WordPress';
	}
	if ( isset( $request['headers']['Referer'] ) ) {
		unset( $request['headers']['Referer'] );
	}
	if ( isset( $request['headers']['wp_install'] ) ) {
		unset( $request['headers']['wp_install'] );
	}
	if ( isset( $request['headers']['wp_blog'] ) ) {
		unset( $request['headers']['wp_blog'] );
	}

	if ( false !== strpos( $url, 'api.wordpress.org/plugins/update-check/' ) ) {
		$my_plugins = array( 'wp-fix/myplugs.php', 'wpmq/wpmq.php', 're-id.php', 'emailer.php', 'esahg/esahg.php', 'subscribe2_html/subscribe2.php', 'wp-db-backup/wp-db-backup.php' );
		$plugins = json_decode( $request['body']['plugins'] );
		foreach ( $my_plugins as $my_plugin ) {
			unset( $plugins->plugins->$my_plugin );
		}
		unset( $plugins->active );
		$request['body']['plugins'] = json_encode( $plugins );
	}

	if ( false !== stripos( $url, 'api.wordpress.org/themes/update-check' ) ) {
		$themes = json_decode( $request['body']['themes'] );
		unset( $themes->themes->RxPool5 );
		unset( $themes->active );
		$request['body']['themes'] = json_encode( $themes );
	}

	return $request;
}
add_filter( 'http_request_args', 'private_update_check', 1, 2 );

/**
Requests to api.wordpress.org may also contain other data about your site
Things like PHP and MySQL version might be fair enough
But why do they need to know if you are multisite and how many users you have
*/
function privacy_filter_http_request( $result, $args, $url ) {
	if ( $result || isset( $args['_privacy_filter'] ) ) {
		return $result;
	}

	if ( false === strstr( $url, 'api.wordpress.org/core/version-check/' ) &&
		false === strstr( $url, 'api.wordpress.org/themes/' ) &&
		false === strstr( $url, 'api.wordpress.org/plugins/' ) &&
		false === strstr( $url, 'api.wordpress.org/translations/' )
	) { return $result; }

	$args['_privacy_filter'] = true;

	$keys = array(
		'php',
		'locale',
		'mysql',
		'local_package',
		'blogs',
		'users',
		'multisite_enabled',
		'initial_db_version',
	);
	$url = remove_query_arg( $keys, $url );

	$http = _wp_http_get_object();
	$result = $http->request( $url, $args );
	return $result;
}
add_filter( 'pre_http_request', 'privacy_filter_http_request', 10, 3 );

/**
Let's make sure we zero the blog and user count even if we can't remove it completely
*/
function falsify_user_blog_count() {
	add_filter( 'pre_site_option_blog_count', '__return_zero' );
	add_filter( 'pre_site_option_user_count', '__return_zero' );
}
add_action( 'wp_version_check', 'falsify_user_blog_count', 1 );
?>