Do you want to remove the WordPress version number from your website?
Many believe that removing the WordPress version number from your website’s source code can prevent some common online attacks.
In this article, we’ll show you how to easily remove WordPress version number the right way.
Why Remove WordPress Version Number?
By default, WordPress leaves its footprints on your site for the sake of tracking. That is how we know that WordPress is the top website builder in the world.
However, sometimes this footprint might be a security leak on your site if you are not running the most updated version of WordPress. It provides the hacker with useful information by telling them which version you are running.
We recommend using the latest version of WordPress on all your websites so you don’t have to worry about this. However, if for some reason you are running an older version of WordPress, then you should definitely follow this tutorial.
It is quite difficult to remove all traces of which WordPress version you are using on your website. A sophisticated attack may still be able to find that information.
However, it will prevent automatic scanners and other less sophisticated attempts from guessing your WordPress version.
That being said, let’s take a look at some ways to easily remove version number from your WordPress website.
Method 1. Remove WordPress Version Number using Sucuri
This method is easier and recommended for all users.
All top WordPress security plugins offer an option in the settings to hide your WordPress version number.
However, we recommend using Sucuri because it automatically hides WordPress version information and offers other more advanced security features.
Upon activation, the plugin will automatically hide WordPress version information. You can verify it by visiting Sucuri Security » Settings and switching to the Hardening tab.
Method 2. Manually Remove WordPress Version Information
This method requires you to add code to your WordPress website. If you haven’t done this before, then see our guide on how to copy and paste code snippets in WordPress.
Now, many websites will recommend you to edit your theme’s header.php file and get rid of the following line of code:
This method doesn’t work as a new theme update will automatically replace the old template with the new file.
Another commonly recommended, but inefficient method is to put this code in your theme’s functions.php or site-specific plugin:
This will only remove the information from the WordPress header. The version number will still be visible in your website’s RSS feeds.
The right way to remove WordPress version information is by disabling the function responsible for displaying it.
By adding this code, you will remove the WordPress version number from WordPress RSS feeds and your website’s head section.
Can You Completely Hide WordPress Version?
WordPress may still add the version information in various other places throughout your website. For instance, it is included as the query string in source code for CSS and JS files.
Removing all instances of WordPress version information can be time-consuming, complicated, and may not always work.
From a security perspective, removing the obvious generator tags can protect you from some very common attacks.
However, if someone is determined to break into your website, then hiding your WordPress version number does little to stop this.
You need to implement a proper WordPress security setup in place to make your website more secure. This adds layers of security around your website making it harder to hack into.
We hope this article helped you learn how to easily hide WordPress version number from your website. You may also want to see our guide on how to get a free SSL certificate for your website, or our list of must-have WordPress plugins for small business.
This content was originally published here.