[resolved] Protecting Version Info (4 posts)

  1. SickSquirrel
    Posted 1 year ago #

    I read a WordPress protection blog and took a few notes. One is to remove the version from the Page Header.

    I need to know where in functions.php I place this

    function remove_wp_version()

    {this is NOT the full code. In case you don't allow it, I'm not going to publicly advertise it. If it's allowed and you say it's okay, I'll paste it all}

    And, more importantly, I need to know if this causes any WordPress license issues (so you don't rap my knuckles!).

    I remember when the version was in the footer and was not to be removed, around 2.3. Hackers/exploiters would simply look for the older version to compromise a site. Thankfully y'all listened and hid it. But if I can hide it further, I'd like to.

  2. esmi
    Forum Moderator
    Posted 1 year ago #

    You need to add:

    // remove WP version number - security by obscurity isn't worth much
    remove_action ('wp_head', 'wp_generator');

    to a function that is added to the after_setup_theme action.

  3. SickSquirrel
    Posted 1 year ago #

    Thank you. My knuckles thank you :)

    I had been given

    function remove_wp_version() {
         return '';
    add_filter('the_generator', 'remove_wp_version');

    Slight difference. But I'll use yours and put it after_setup_theme. I'll test it out and if it is right, I'll change each site (Oy vey). If I run into issues, I'll post.

    I realize this alone isn't enough but I douse other security measures. I figure it can only help and doesn't add too heavily to server load.

  4. SickSquirrel
    Posted 1 year ago #

    I just opened functions.php in wp-includes/. I searched for setup_theme but it was not found. So I'm either in the wrong functions.php file or mine is coded wrongly/differently.

    The post above should read "do use" not douse.

Topic Closed

This topic has been closed to new replies.

About this Topic


No tags yet.