[wp-hackers] WordPress Should Delete WP Version information on head

Marko Heijnen mailing at markoheijnen.nl
Tue Mar 19 17:01:27 UTC 2013


Hey Sinan, That is saying more about you then me.


Dobri:
Obviously WordPress had security risks. Just like every other platform but showing the version number in the head doesn't make a difference.
Also if I'm correct most of the recent vulnerabilities where for registered users. Things they could do but shouldn't be able.


Op 19 mrt. 2013, om 17:58 heeft Sinan <sinan at sinanisler.com> het volgende geschreven:

> @Marko Heijnen
> 
> I dont have respond to that.
> 
> 
> 2013/3/19 Marko Heijnen <mailing at markoheijnen.nl>
> 
>> This isn't a security risk at all. If you think bots check your version
>> then you are wrong. Also WordPress isn't the security risk. The plugin you
>> are using are.
>> 
>> Op 19 mrt. 2013, om 17:52 heeft Dobri <dyordan1 at ramapo.edu> het volgende
>> geschreven:
>> 
>>> I think that exists for Search Engine Penetration and keeping track of
>> market penetration as well. Simply put, it makes tracking % of people using
>> WordPress and a specific version of WordPress and while it's true that's a
>> bit of a security risk (for some setups more than for others), it also
>> helps developers of both WP core and plugins/themes. In that respect, I
>> think it should stay there and people should be individually responsible
>> for hiding it if they *know* they have an old version that's susceptible to
>> attacks and they have a good reason for keeping it. Cheers!
>>> 
>>> P.S. As already pointed out, it's really easy to remove if need be.
>>> 
>>> On Tue, 19 Mar 2013, at 12:48 PM, Sinan wrote:
>>> 
>>>> WordPress Should Delete WP Version information on head
>>>> if this is so important there is so many ways to learn who using what
>> vesio
>>>> n of. But this public version reading is not safe.
>>>> 
>>>> Some times coming big security problems and when this problems match our
>>>> versions bots or bad guys easly hack the sites.
>>>> 
>>>> What you guys thinking about this ?
>>>> 
>>>> --
>>>> Sinan İŞLER
>>>> sinanisler.com <http://www.sinanisler.com/>
>>>> _______________________________________________
>>>> wp-hackers mailing list
>>>> wp-hackers at lists.automattic.com
>>>> http://lists.automattic.com/mailman/listinfo/wp-hackers
>>> 
>>> ~Dobri
>>> _______________________________________________
>>> wp-hackers mailing list
>>> wp-hackers at lists.automattic.com
>>> http://lists.automattic.com/mailman/listinfo/wp-hackers
>> 
>> _______________________________________________
>> wp-hackers mailing list
>> wp-hackers at lists.automattic.com
>> http://lists.automattic.com/mailman/listinfo/wp-hackers
>> 
> 
> 
> 
> -- 
> Sinan İŞLER
> sinanisler.com <http://www.sinanisler.com>
> fb.com/sinanisler
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers



More information about the wp-hackers mailing list