Submit Changelog
Track Changelogs

BlackSwan | Block External Request

Changelog

2.9.3

  • Release date: 2026-04-13 | 1405-01-24
  • Fixed Translation
  • Added fontawesome to exclude list
  • Added cdn.jsdelivr.net to exclude list
  • Added unpkg.com to exclude list
  • Added googletagmanager.com to exclude list
  • Added cdnjs.cloudflare.com to exclude list
  • Added fonts.googleapis.com to exclude list
  • Added fonts.gstaticn.com to exclude list
  • Set some default options ON by default

2.9.0

  • Added “Disable All Emoji” option: removes WordPress emoji detection script, emoji styles, TinyMCE emoji plugin, and DNS prefetch hints for the emoji CDN — eliminating outgoing requests to s.w.org

2.8.0

  • Expanded the default blacklist with 30+ additional domains commonly responsible for license checks, telemetry, and update pings (e.g. freemius.com, themeforest.com, cloudflare.com, wpbakery.com, xtemos.com, premio.io, nextendweb.com, objectcache.pro, rocketcdn.me, ipinfo.io, paypal.com, and several Iranian plugin/theme vendors)

2.7.0

  • Documented all four developer filters with full examples (block_url_list, whitelist_urls, blocked_resources, cdn_replacements)
  • Improved readme files for WordPress.org publishing

2.6.7

  • Added at-a-glance overview panel at the top of the settings page with 5 stat cards (HTTP blocking, browser resources, specific resources, CDN replacements, avatars) for non-technical users
  • All technical configuration metaboxes now hidden behind a “Configure & Advanced Settings” toggle, collapsed by default, state remembered in localStorage
  • Moved “Reset to Defaults” into its own dedicated sidebar metabox with a clear destructive-action warning
  • Fixed confirm dialog line breaks (were showing as literal n on some browsers)

2.6.6

  • Added “Reset to Defaults” button in Export/Import panel with a destructive-action warning notice and two-step confirmation before wiping settings

2.6.5

  • Added new “CDN Resource Replacements” section: replace enqueued JS/CSS with CDN versions by pattern matching, with per-entry backend/frontend toggles, and predefined examples (jQuery, Bootstrap via lib.arvancloud.ir)
  • Export/Import support for CDN replacements
  • DEV: Added BlackSwanblock_external_requestcdn_replacements filter for programmatic replacement rules

2.6.4

  • Added new “Avatars” section in settings: option to disable all WordPress avatars site-wide (default: disabled), preventing outgoing Gravatar requests and removing avatar markup

2.6.2

  • Added pre-defined list of common analytics/tracking domains to the default blacklist (e.g. Google Analytics, Hotjar, Matomo etc.)
  • Added pre-defined list of common Iranian payment gateway domains to the default blacklist (e.g. Zarinpal, Pay.ir, IDPay etc.)
  • DEV: Added BlackSwanblock_external_requestblocked_resources filter to allow programmatic blocking of specific JS/CSS resources by URL pattern

2.6.0

  • New: Modern liquid glass UI with frosted postboxes and dot-grid background
  • New: Inline Lucide SVG icons — fully standalone, zero external dependencies
  • New: Status badge with animated icons (activity pulse for active, circle-pause for paused)
  • New: Query Monitor three-state detection (active / installed but inactive / not installed)
  • New: One-click activate button for Query Monitor when installed but not active
  • Improved: Gradient badges and softer visual language throughout
  • Improved: All buttons use consistent flex layout with icon + text

2.5.0

  • New: Replaced all WordPress dashicons with inline Lucide SVGs
  • New: Plugin is now fully standalone — no external CSS, fonts, or icon libraries
  • New: SVG icon helper method with 20+ icons for consistent rendering
  • Improved: JS-rendered table rows use PHP-generated SVG strings for icons

2.4.0

  • New: Query Monitor integration — detect active, installed, or missing; one-click activate/install
  • Fixed: Three-state QM detection (active vs installed-but-inactive vs not-installed)
  • Improved: Activate link uses proper wp_nonce_url for one-click activation

2.3.1

  • Fixed: Postbox headers now use proper WordPress core markup (postbox-header, handle-actions, handlediv)
  • Fixed: Native collapsible postbox behavior via postboxes.add_postbox_toggles(pagenow)
  • Removed: Custom postbox toggle CSS and JavaScript — WordPress core handles it all

2.3.0

  • New: Safe mode — add ?bswan-safe=1 to any admin URL to bypass all blocking
  • New: Settings page automatically skips resource dequeuing (not full safe mode)
  • New: Safe Mode sidebar metabox with direct link and usage tips
  • New: Collapsible postboxes for main content sections
  • Improved: Clear separation between safe mode (full bypass) and settings page (resource-only bypass)

2.2.0

  • New: Block Specific Resources section — block individual JS/CSS by full URL, partial path, or filename
  • New: Per-item backend/frontend checkboxes for specific resource blocking
  • New: WordPress post-editor style two-column layout with sidebar metaboxes
  • New: Sidebar metaboxes for Save/Pause, Tools, Export/Import, and Disclaimer
  • New: Global export/import — single JSON file for all settings
  • Removed: Individual per-list export/import buttons
  • Fixed: Blocked resources checkbox state now persists correctly after save (boolean → integer serialization)

2.1.0

  • New: Browser-side resource blocking — dequeue external JS/CSS from blacklisted domains
  • New: Separate toggles for admin panel and public frontend
  • New: Resource blocking respects whitelist patterns
  • Improved: Settings auto-migrate on upgrade with safe defaults

2.0.0

  • Complete rewrite with settings page
  • New: Visual blacklist/whitelist management with inline edit, delete, delete-all
  • New: AJAX-powered save — no page reloads
  • New: Temporary pause button to disable all blocking without losing rules
  • New: JSON export/import for blacklist and whitelist
  • New: Query Monitor install link
  • New: Disclaimer notice
  • New: Settings stored as single JSON option with autoload=no
  • New: Settings link on plugins list page
  • New: Default blacklist and whitelist seeded on first activation

1.1.0

  • Added whitelist support — allow specific URL patterns through the blacklist
  • Added BlackSwanblock_external_requestwhitelist_urls filter
  • Default whitelist includes WordPress plugin API and download URLs

1.0.0

  • Initial release
  • Block external HTTP requests by domain via pre_http_request filter
  • Predefined blacklist of common domains
  • Filter hook BlackSwanblock_external_requestblock_url_list for customization

Plugin Website
Visit website

Author
BlackSwanDev
Version:
2.9.3
Last Updated
April 13, 2026
Active Installs
10
Requires
WordPress 5.0
Tested Up To
WordPress 6.8.5
Requires PHP
5.4

Share Post

Join our newsletter.

Get insights into what’s happening at ChangelogWP right in your inbox. We don’t believe in spam.