4 Ways to Remove WordPress Version Number
Be default, WordPress adds its version name as meta tag in <head> section which opens the door for hackers. By removing the WordPress version number from your site can help your to reduce security risks, it makes it harder for attackers to exploit known vulnerabilities specific to your WordPress version.
In this article, you will find the 4 ways to remove WordPress version number from your site and make your website more secure than ever.
Ways to Remove WordPress Version Number
You can remove WordPress version number from your site very easily by following any one of the ways below:
1. Remove Version from Meta Tags
You can either put the following line of code in your theme’s functions.php or using code snippets plugin.
This will remove the WordPress version number from the meta tags i.e., <meta name="generator" content="WordPress 6.6.1" />:
// Remove WordPress version number from head
remove_action('wp_head', 'wp_generator');2. Remove Version from RSS Feeds
To remove the version number from RSS feeds, add this code to your theme’s functions.php, or using code snippets plugin:
// Remove WordPress version number from RSS feeds
function remove_wp_version_rss() {
return '';
}
add_filter('the_generator', 'remove_wp_version_rss');3. Removing WordPress Version Number Using a Plugin
There are many security plugins that can help you boost security on your WordPress site but I like to use only Solid Security (Previously, Better WP Security)1 & Hide My WP2 plugins. These are the best plugins, not only they can remove the version number from the head section of your site but add additional security on your WordPress site.
Solid Security
Solid Security protects your WordPress sites from wide range of cyberattacks that are happening now a days. It automatically locks out bad users identified by our Brute Force Protection Network that is nearly 1 million sites strong and leverages your own blacklist. It secures and protects your most commonly attacked part of your WordPress website – user login authentication.
Hide My WP
Hide My WP Ghost is a WordPress security plugin with easy-to-use features, that can enhance your site’s security without altering any directories or files. As of writing this article, 100,000+ websites are using Hide My WP Ghost, this plugin has blocked over 9 million brute force attempts and stopped 140,000 monthly hacks.
Key features include powerful protection against Scripts and SQL Injections, Brute Force attacks, XML-RPC attacks, XSS, and more. Hide My WP Ghost changes and hides WP common paths, admin & login paths, plugin paths, and theme paths, protecting your site from hacker bots.
4. Remove Version from Scripts and Styles
Last but not the least, you should also remove any plugin or theme files version for your WordPress site because they can open the doors for hackers as well with just the version number. To remove the version number from scripts and styles, you can use the following code in your functions.php, or using code snippets plugin.
// Remove WordPress version number from scripts and styles
function remove_wp_version_scripts_styles($src) {
if (strpos($src, 'ver=')) {
$src = remove_query_arg('ver', $src);
}
return $src;
}
add_filter('style_loader_src', 'remove_wp_version_scripts_styles', 9999);
add_filter('script_loader_src', 'remove_wp_version_scripts_styles', 9999);By using these methods, you can remove version of WordPress from your site, which can reduce the chances of attacks exploiting known vulnerabilities in specific versions.