[How to] Hide the WordPress Versions for Increased Security

This WordPress tip is about hiding the WordPress version header. Imagine yourself as a hacker who wants to break into your site. A hacker's life is made really really easy if they know what version of WordPress you are using.

This is because if they know what version you are using, they can specifically try to attack your site with vulnerabilities that exist in this version.

If they don't know the version, it would be a hit and miss attack. On the other hand, if they do know the version, they can zone in into a specific attack which is more likely to be successful.

Contents[Show]

There are two ways of hiding the WordPress version - the wrong way(s) and the right way.

If you want to prevent WordPress from getting hacked, you really need to check out this complete article. Hiding the WordPress version is not enough, and is simply a way to make it slightly harder - but not by very much. It is called security by obscurity and is a flawed way of trying to secure your WordPress.

However, brute-forcing against all versions of WordPress would still work unless you perform other steps to prevent WordPress from getting hacked.

If you're worried about your website getting hacked, you're better off opting for a WordPress security plugin such as one of the following: 10 Best Security Plugins Compared.

Hiding the WordPress version

 Add the following function to you functions.php

function dartcreations_remove_version() {
  return '';
 } add_filter('the_generator', 'dartcreations_remove_version');

This will hide the version from all the areas of WordPress.

Alternate Way to Hide the WordPress Version

This is an alternate way to hide the version from the head and from styles and scripts:


// remove version from head
remove_action('wp_head', 'wp_generator');

// remove version from rss
add_filter('the_generator', '__return_empty_string');

// remove version from scripts and styles
function collectiveray_remove_version_scripts_styles($src) {
	if (strpos($src, 'ver=')) {
		$src = remove_query_arg('ver', $src);
	}
	return $src;
}
add_filter('style_loader_src', 'collectiveray_remove_version_scripts_styles', 9999);
add_filter('script_loader_src', 'collectiveray_remove_version_scripts_styles', 9999);

IMH

Do you want a fast website?

Who am I kidding? Don't we all?

So why do so many of us struggle?

The biggest challenge is usually finding a fast, reliable hosting company.

We've all been through the nightmares - support take takes forever or doesn't resolve our problem always blaming something on your side... 

But the biggest bummer is that the website always feels slow.

At CollectiveRay we host with InMotion hosting and our website is stupid fast. We run on a custom stack of LightSpeed server setup on MariaDB with a PHP7.4 engine and fronted through Cloudflare. 

Combined with our front-end optimizations we reliably server 6000 users every single day, with peaks of 50+ simultaneous users. 

Want to get a fast setup like ours? Transfer your site for free to InMotion hosting and get our 50% OFF on current pricing.

Try InMotion Hosting with 50% OFF for CollectiveRay visitors in November 2024 ONLY!

InMotion hosting 50% OFF for CollectiveRay visitors

The Wrong way of Hiding the WordPress version (avoid doing this!)

The Wrong way of hiding the WordPress version will hide your version in certain areas of the site, the common areas such as the pages, but leave it exposed in other areas

Adding the following in the functions.php file - nope, don't do that

remove_action('wp_head', 'wp_generator');

Removing the following from the header.php - also a bad idea!

<meta name="generator" content="WordPress <?php bloginfo('version'); ?>" />

Remember - this is not the only step to ensure your WordPress security. The best way to keep your WordPress hosted is to ensure that is kept updated all the time!

Download the list of 101 WordPress tricks every blogger should know

101 WordPress tricks

Click here to Download Now

About the Author
David Attard
Author: David AttardWebsite: https://www.linkedin.com/in/dattard/Email: david@collectiveray.com
David has been working in or around the online and digital industry for the last 21 years. He has vast experience in the software and web design industries using WordPress, Joomla and niches surrounding them. He has worked with software development agencies, international software companies, local marketing agencies and now is Head of Marketing Operations at Aphex Media - an SEO agency. As a digital consultant, his focus is on helping businesses get a competitive advantage using a combination of their website and digital platforms available today. His blend of technology expertise combined with a strong business acumen brings a competitive edge to his writings.

One more thing... Did you know that people who share useful stuff like this post look AWESOME too? ;-)
Please leave a useful comment with your thoughts, then share this on your Facebook group(s) who would find this useful and let's reap the benefits together. Thank you for sharing and being nice!

Disclosure: This page may contain links to external sites for products which we love and wholeheartedly recommend. If you buy products we suggest, we may earn a referral fee. Such fees do not influence our recommendations and we do not accept payments for positive reviews.

Author(s) Featured On:  Inc Magazine Logo   Sitepoint logo   CSS Tricks logo    webdesignerdepot logo   WPMU DEV logo   and many more ...