BlackSwan | Block External Request
BlackSwan Block External Request gives you granular control over every outgoing connection your WordPress site makes — both server-side PHP requests and browser-loaded JS/CSS resources.
WordPress, plugins, and themes constantly send background HTTP requests: update checks, license pings, analytics, font downloads, CDN calls, and more. On slow servers or restricted hosting environments, these requests can add seconds to every admin page load.
This plugin lets you block what you don’t need and keep what you do.
What it does
Server-side HTTP Blocking (PHP)
Intercepts outgoing wp_remote_get / wp_remote_post calls via the pre_http_request filter. Add domains to the blacklist and they’ll be blocked before the request is even made. Whitelist specific URL patterns to let essential requests through (e.g. plugin update API).
Browser-side Resource Blocking (JS/CSS by Domain) Deregisters enqueued JavaScript and CSS files loaded from blacklisted external domains. Toggle separately for admin panel and public frontend. Your own site’s assets are never touched.
Block Specific Resources (by URL) Block individual JS or CSS files by full URL, partial path, or even just a filename — works for both local and external resources. Per-item backend/frontend toggle. Perfect for removing unwanted plugin assets without editing code.
Features
- Blacklist & whitelist with inline edit, delete, and delete-all
- Block external JS/CSS by domain (backend, frontend, or both)
- Block specific resources by URL pattern (local or external)
- One-click pause/resume — instantly disable all blocking
- Safe mode via
?bswan-safe=1— emergency bypass for any admin page - Settings page auto-bypasses resource blocking so you never lock yourself out
- Export/import all settings as a single JSON file
- AJAX-powered save — no page reloads
- Query Monitor integration — detect, activate, or install from settings
- All settings stored as a single JSON option with
autoload=nofor performance - Fully standalone — zero external dependencies (inline Lucide SVG icons)
- Modern liquid glass UI with dot-grid background
- WordPress native postbox layout with collapsible sections
- Translation-ready with full text domain support
Who is this for?
- Sites on slow or restricted hosting where external calls cause timeouts
- Developers debugging performance issues
- Agencies managing client sites that don’t need update checks
- Anyone who wants a faster wp-admin experience
Developer Hooks
Two filters are available for developers to customize blocking behavior programmatically. These run on every page load and merge with the values from the settings page.
BlackSwan\block_external_request\block_url_list
Filter the array of blocked domain strings. Each entry is matched via strpos() against the full request URL.
add_filter( 'BlackSwan\block_external_request\block_url_list', function( $domains ) {
$domains[] = 'analytics.example.com';
return $domains;
});
BlackSwan\block_external_request\whitelist_urls
Filter the array of whitelisted URL patterns. If a blocked URL also matches a whitelist pattern (via strpos()), the request is allowed through.
add_filter( 'BlackSwan\block_external_request\whitelist_urls', function( $patterns ) {
$patterns[] = '//api.example.com/v2/license';
return $patterns;
});
Whitelist patterns take priority over blacklist domains. Both filters accept and return a flat array of strings.
Links
Copyright
BlackSwan Block External Request is free software distributed under the terms of the GNU General Public License v2 or later.
Copyright (c) AmirhpCom — amirhp.com
This plugin is developed and maintained by BlackSwan Lab.
You are free to use, modify, and distribute this plugin under the GPLv2 license. The developers are not responsible for any issues caused by misconfigured blocking rules. Always maintain proper backups before making changes to your site’s HTTP request behavior.