By default WordPress leaves it’s footprints on your site for the sake of tracking. That is how we know that WordPress is the World’s largest Blogging platform. But sometimes this footprint might be a security leak on your site if you are not running the most updated version of WordPress. Because you are providing the hacker with the useful information by telling them which version you are running.
If you are running the most up to date version of WordPress, which we recommend you do, then you do not have to worry about this tutorial at all. But if for some reason you are not, then it is in your best interest to follow this tutorial.
There are many ways to get rid of the WordPress version number from your header. But there is only one correct way to do this.
Some sites will recommend that you open your header.php file and get rid of this code:
1 | <meta name= "generator" content= "WordPress <?php bloginfo('version'); ?>" /> |
Or others will recommend that you open your functions.php and add the following function:
1 | remove_action( 'wp_head' , 'wp_generator' ); |
But a smart hacker who knows about WordPress will simply go to your RSS Feeds, and they will find your version number there because neither of the above codes will remove that number.
In order for you to completely remove your WordPress version number from both your head file and RSS feeds, you will need to add the following function to your functions.php file:
1 | function wpbeginner_remove_version() { |
2 | return '' ; |
3 | } |
4 | add_filter( 'the_generator' , 'wpbeginner_remove_version' ); |
Note: We still recommend that you update to the latest version of WordPress because that is the only guaranteed way to keep your blog protected.
No comments:
Post a Comment