Remove WordPress Version Number
Video Transcript
While there might be some reason for you not to keep your WordPress core files, plugin and theme files up to date, I can’t think of any. But if someone is trolling the web looking for a WordPress site to break into, they may already have some idea of the weaknesses that certain older versions of WordPress have.
Well, mainly because WordPress lists them on their own site. I mean, if we head on over to wordpress.org, slash news slash category slash security, they’re all listed for you right here. The dates that that security patch came out the version that that security patches fixed, and the list of all the security issues that that patch fixed.
So if you’re still running an older version of WordPress, all the hackers already have an idea as to what weaknesses to try to take advantage of in order to break into your site. And what’s worse, is that the more savvy hackers have programs that automate the process of searching for the sites that are running these older versions, let me give you an example using clorox.com as our guinea pig here, this is a WordPress site that they are notorious for not keeping their site up to date. Of course, after having said that they probably do now but let’s have a look. I’m in the Firefox browser, I’m going to right click, and then left click on view page source.
And if we do a Ctrl, F to do a search function through the code here, or Command F, if you’re on a Mac, then type in the word generator in the search box. right here where it says metod name generator, it’s going to list the version of WordPress Nope, still not up to date. I mean, they’re a lot better than they have been in the past. But not only does it show the current version of WordPress here, but iterations of that version number throughout. So in this class, we’re going to add a little version blocking code to our themes function dot php file by way of the code snippets plugin that we’ve used in previous classes. This way, no matter what theme we’re using, the code will still be in place and functioning.
All we have to do is make sure we keep the code snippets plugin installed and activated. Now there’s a couple of different methods people use to remove or mask this version number. But the method I’m going to be showing, you will also remove the version numbers from your RSS feeds, which the other methods usually do not. So this is the clorox.com site is not going to do us any good. So let’s head over to our site and do the same search here and right click, left click on view page source. I mean, I can see it right here. But if we do a Ctrl, F to do a search, type in the word generator, and right here it is, and it’s showing the version number and a few other version numbers are popping up here as well. Now after we do the code snippets addition, this code is going to be cached in our browser. So we need to do a quick refresh in order for that change to take place.
I’ll show you what I’m talking about here in a second when we come back. But for now, let’s go ahead and log into our admin area. If you’ve not done so yet, be sure to install and activate the code snippets plugin. Let’s go to Plugins just to refresh your memory on what I’m talking about.
Here’s the code snippets plugin I’m talking about by code snippets Pro. So install that if you haven’t done so yet, activate it. And you want to keep it installed and activated to keep all those code snippets you’ve put in there so far active. So with that out of the way, we go into snippets, add new, give it a catchy title, and then enter the code here that I’m going to provide to you in a copy and paste document. And then scrolling down, you can put in description and some tags if you want, which really are not mandatory. But if you’ve got a lot of code snippets, then these will come in handy to help keep things organized.
But for this demonstration, I’m not going to put them in there. I’m just going to click on save changes and activate. Then we’re good. Let’s come on back to our front end. And remember, we have to do a quick refresh once we have the source code displayed. So right click left click on view page source, you see it’s still there. But I’m gonna hold the Ctrl key down on my keyboard and hit the f5 key. And that refreshes it takes all those WordPress version numbers out just to be certain Ctrl F to search type in the word generator. And it’s not in there at all. So not only does it remove the version number, it removes the meta information related to that version number so we can close this out, refresh the site just to make sure that it’s still working. And voila, we’re good to go.
And that’s going to bring us to the end of this class on why it’s important to keep your WordPress core files up to date and how to hide the version number and why they for checking it out and you have a great day.