Most people nowadays uses WordPress because it is highly user friendly and very easy to configure but it comes with some minor risks which can be used by hackers to hack your website.
One of them is WordPress version. WordPress automatically outputs your site’s current version number in the meta tag. It is at times helpful but it poses a major security risk to your WordPress based site. Hence it is advisable to remove WordPress version.
To avoid users and hackers to see the WordPress version number, you should add the following code in your theme’s functions.php that will remove wordpress version from appearing.
If you have gone through my post here, then you now know how to add the code in your theme’s functions.php file.
function remove_wp_version() { return ''; }
add_filter('the_generator', 'remove_wp_version');
The above code will remove the WordPress version from your website’s header files and also from RSS feed.
Do you have any other method or how do you safeguard your website against hackers? Let me know in the comments.
Hi Keyur, Do you know if any of the plugins remove the wordpress version? I am using Wordfence. Also how do you check, right click “View Page Source”?
Thanks,
Scott
There used to be like ‘remove wordpress version’, ‘Removes WordPress and version and short link’ and ‘Removes WordPress and version from post, pages and RSS’ but they are not fit for the version we are using nowadays. So it may not be a good fit moreover as I mentioned in my first post that plugins could increase the page load time so it is highly recommended to use inline code.
Yes, to view page source, you right click and ‘View Page Source’ from the menu. Sorry, I didn’t mention that. Thanks for it Scott.
Learnt something new today. thanks for the great tips
Thanks Josh for your comment. Keep coming or subscribe to get new posts delivered to your inbox.
Cheers.
I use a paid plugin called wp-shielded and it removes the version for me. It’s good to know the manual way as well thanks
Cheers
Thanks for sharing that plugin. Scott, this can help you, although it comes with a cost.
Nice post Keyur, thanks for the heads up, I have already put it in my site’s function.php file.
I also use a plugin called Bulletproof Security, it’s very good.
Thanks,
Kevin.
Thanks Kevin. I have used that plugin Bulletproof Security in the past but one time due to that plugin I was locked out of my site and it was a nightmare to bring everything back to normal, so I, since then, mostly rely on codes rather than plugins.
I use to use Bulletproof Security too but also had issues. So just use Wordfence now. I do have a couple of questions. If you remove the version number from the functions file, will you still know when there is an update? And will you have to add the code again after an update?
Yes Dawn. You’ll get updates as usual for your WordPress site as they come up and won’t hinder anything. The code is just to hide it from showing it in headers and RSS feeds.
I like this post. Short and yet very informative. One quick question Keyur, do I need to re-enter all additional codes with each version update? Thanks in advance.
No Sandy. You do not have to re-enter any additional details because we are changing the functions.php file which is in your theme. However, you would want to change it only when you change the theme.
Clear. Thanks Keyur 🙂
Hi Keyur, have added the code in the file. How do i know if i have done it correctly and functioning right? Thanks
To check follow these steps:
Right click on your website and select or click on ‘View Page Source’. Another tab will be opened showing you lots of codes.
Press ‘Control + F’ and a search option will appear.
Write in the search box — > content=”Wordpress
If you do not get any result, then the code is perfectly added
Hope this helps Sandy.