Unbeknownst to me until recently, the WordPress plugin “WP Optimize” creates a file called “wpo-plugins-tables-list.json,” which lives in your public “uploads” directory. This is the directory where WordPress saves your images.
“wpo-plugins-tables-list.json” contains all of your sites plugins and their associated database tables. Despite some of this information already being publicly available, providing a file like this is just inviting brute force campaigns.
It’s incredible that WP Optimize provides this information — and in 2022, when cybersecurity should be a priority!
So to disable WP Optimize from creating this file, you can include the following “add_filter” statement in a custom plugin, or your function.php file:
add_filter( 'wpo_update_plugin_json', '__return_false' );
For more information, see source below.