In this article we will learn about how to hide WP version to protect it against any malicious attacks.
Each new version of WordPress's software includes new features, performance improvements, and security updates. Therefore, maintaining the most recent WordPress version is essential to protect a website from harmful attacks and to guarantee tool compatibility.
WordPress by default inserts a meta tag with the WordPress version number in it. This meta element identifies the WordPress version you are currently running and is used for tracking purposes.
Why should you hide your WordPress version?
Unbeknownst to you, the WordPress version number reveals extra information about your website. WordPress tracks changes in thorough reports each time it releases updates or addresses issues. This implies that everyone is aware of which versions are affected by which security flaws. This specifically implies that hackers are aware of the best type of attack to deploy on your website. Because of this, it's crucial to conceal your version number. By just looking at your website's source code in any web browser, any hacker may discover the WordPress version you're using.
Whenever asked (or even automatically), update your website to patch any potential security holes. However, changes may be missed or disregarded for a variety of reasons. It's best to conceal your version number in any case.
Why check your current WordPress version?
Exploits, which are often swiftly fixed vulnerabilities that only function if you neglect to update your website, are frequently used by hackers to access websites. Your greatest line of defense against hacking is to always keep WordPress updated.
Incompatibilities are another thing to be concerned about. Some WordPress plugins won't function with the most recent version, while others will stop working if your version is too old. Plugins may depend on new and removed features and functionalities added to and removed from WordPress releases.
You must confirm the core version of your website before installing a plugin to ensure everything will function as intended.
If anything goes wrong with your website and it stops working, displays an odd error, or displays the white screen of death, identifying the issue could involve knowing what version you were using, which is probably not something you can recall off the top of your head.
In some situations, you might also wish to know what WordPress version another person is using. Whether you're dealing with a client, for instance, you might want to check to see if their website is outdated so you can assist them in resolving this security concern right away.
Since WordPress now automatically updates, these issues are less urgent, but it's still a good idea to check if you haven't in a while.
How does a hacker lookup your WordPress version?
Observing the page source of your website
You might not be aware of this, but anyone can check the WordPress version number on your website by looking at the page source.
Through obtaining your RSS feed
A hacker may also be able to see your version number by obtaining your RSS feed. Anyone may use https://www.yourwebsite.com/feed/ to do a search and receive the results.
By looking through your readme file
In order to discover the WordPress version number, hackers can also analyse your readme.html page for WordPress. The procedure we mentioned earlier is quite similar to fetching the information from the readme file. If the website is susceptible, a search for https://www.yourwebsite.com/readme.html will result in a response from the browser.
How to check your WordPress version?
WordPress inserts the version number in several locations on your website.
Checking WordPress version in dashboard
Open your WordPress site's dashboard
Click on Dashboard -> Updates from the left hand side menu
Here you will see the current version of your WordPress site
Checking the WordPress version in header section
You may inspect the source code on a browser by performing a right-click anywhere on your website to locate your WordPress version in the header area.
You can access the WordPress version there.
Checking the WordPress version in RSS feed
Your WordPress version number is also available in the site's RSS feed. You may verify this by entering "yoursite.com/feed" into your web browser, where the version number will appear under the title tag.
How to Hide WP version?
The WordPress version number can be concealed in a number of ways.
Hiding WP version from the header and RSS
By doing this, the RSS and header will no longer display the WordPress version number.
Go to your WordPress dashboard
Click on Appearance -> File Editor from the left hand side menu
You need to access the functions.php file. So, click on funtions.php from the right hand side menu (Theme files menu)
Add the following code in the file
function remove_wordpress_version() {
return '';
}
add_filter('the_generator', 'remove_wordpress_version');
Once you are done, click on Update File to save your changes
Hide WP version from scripts and CSS
The WordPress version number will only be hidden from the header and RSS using the aforementioned approach. The actions listed below should be followed in order to remove the version number from CSS and scripts.
Go to your WordPress dashboard
Click on Appearance -> File Editor from the left hand side menu
You need to access the functions.php file. So, click on funtions.php from the right hand side menu (Theme files menu)
Add the following code in the file
// Pick out the version number from scripts and styles
function remove_version_from_style_js( $src ) {
if ( strpos( $src, 'ver=' . get_bloginfo( 'version' ) ) )
$src = remove_query_arg( 'ver', $src );
return $src;
}
add_filter( 'style_loader_src', 'remove_version_from_style_js');
add_filter( 'script_loader_src', 'remove_version_from_style_js');
Once you are done, click on Update File to save your changes
Hide WP version using a plugin
The WP Security Safe plugin will be used. This plugin is an excellent option for security because it is quite light and won't cause your website to load slowly.
Go to your WordPress dashboard
Click on Plugins -> Add New from the left hand side menu
Search for WP Security Safe. Install and Activate
Now click on WP Security Safe from the left hand side menu
Click on the Privacy tab from the top bar.
In Software Privacy section, enable Hide WordPress Version Publicly
Click on Save Settings at the bottom of the page
Conclusion
A protected Website is one that was specifically designed to secure the information of its users. On this type of website, data is encrypted so that only the intended recipient may decode it. Secured Websites also typically utilize rigorous access controls to prevent unauthorized users from accessing sensitive information. As a result, Secured Websites offer high levels of security for both individuals and organizations. This type of website may be more difficult to build and manage, but the added security is usually beneficial.
[…] SMTP Relay in Postfix?What Is WordPress Multisite And How Can You Create It using CyberPanel?Easily Remove/Hide WordPress Version NumberWhat is the Maximum Traffic VPS can handle?How To Fix Broken Permalinks in WordPress? (3 Easy […]