Remove WordPress version from RSS and head tags

By default your WordPress blog is showing which version of WordPress it is running on. This information can be found on these two places:

In a head tag:

<meta name="generator" content="WordPress 2.9.2" />

In a “generator” tag in your RSS feed:

<generator>http://wordpress.org/?v=2.9.2</generator>

To hide this information – just add the following lines to the functions.php file in your theme directory:

<?php
	/* Remove WordPress version */
	remove_action('wp_head', 'wp_generator');

	function remove_feed_generator() {
	return '';
	}
	add_filter('the_generator', 'remove_feed_generator');
?>

Why hide this information? Some versions of WordPress have included vulnerabilities in the past and will most probably do so in the future as well. By hiding your WordPress version you will make it a bit harder for a potential hacker to know which vulnerabilities to use.

Also, remember to keep both your WordPress installation and it’s plugins up-to-date!

Leave a Reply

Your email address will not be published. Required fields are marked *