Falcon1986-Online

Home of a med student who likes to manage websites and talk tech!

Remove version information from WordPress header

leave a comment »

WordPress LogoBy default, WordPress installations announce their currently installed version in the header. You will find it within a meta tag of the page’s HTML.

wp-version

If you do not keep on top of WordPress updates, you can imagine that this presents a security risk. Those wishing to exploit vulnerabilities like the recent XSS vulnerability in WordPress 2.8.1 can target blogs just by looking at the header meta information. The situation gets worse if you are still using an even older version of WordPress.

Getting WordPress to stop advertising this version information requires that you add the following to your theme’s functions.php file. Remember how we removed other header elements? This WordPress hack is similar. Note that you need to do this every time you change your theme.

add_filter( 'the_generator', create_function('$a', "return null;") );

Advertisements

Written by falcon1986

20 July, 2009 at 11:04 AM

Posted in Wordpress

Tagged with , ,

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: