[wp-hackers] WordPress Should Delete WP Version information on head

John Blackbourn johnbillion+wp at gmail.com
Tue Mar 19 17:51:47 UTC 2013

This entire thread is a complete waste of time. Displaying the version
number of WordPress is absolutely, categorically and unarguably not a
security issue. If you are running an out-of-date version of
WordPress, then hiding the version number has zero impact on whether
or not someone can or will take advantage of any vulnerabilities in

Those of you who are stating that displaying the version number makes
it easier or more attractive to someone attempting to take advantage
of your site, show me some stats that prove this and I will eat my own

As Marko pointed out, hackers don't care what your site is running.
They don't care what server software it's running, they don't care
what OS it's running, they don't care what CMS it's running. They will
attack it with whatever vulnerabilities they've got to hand.

I would even go so far as to say that it is naive to think that hiding
the WordPress version number would provide even the illusion of
increased security.

There is only one way to maintain the security of your WordPress
installation: Keep WordPress and your plugins up to date.


On 19 March 2013 16:58, Chloé Desoutter
<chloe.desoutter+wphackers at gmail.com> wrote:
> Hi again,
> 2013/3/19 Sinan <sinan at sinanisler.com>
>> I know I can easly reamove but so much people using default themes. They
>> dont know.
>> We must think them not only us !
>> Then nothing prevents you from publishing your own "secured"
> interpretation of 2010/2011/2012/2013 with stripped version number. Fully
> compatible, with "security" added (put between quotes, as this adds nothing
> to security)
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers

More information about the wp-hackers mailing list