Removing the META generator tag in WordPress

WordPress has become one of the best-known blogging and CMS platforms today, and because of this there’s always people looking to exploit your WordPress site. Along with the normal security precautions that you’d always take, here’s another one.

It can be a good idea to remove the META tag for ‘generator’ from your Worpdress site. Why? It has the potential to be a security risk. In it’s standard form, this tag lists ‘WordPress’ along with the version number. The issue is that it tells would-be hackers everything that they need to know about your system. They know you’re running WordPress and they know what version you are running so they can search for known vulnerabilities of that version.

Removing the tag is actually pretty easy. In your themes functions.php file, add this line of code:

remove_action( 'wp-head', 'wp-generator' );

That’s all there is to it. Now you’ve stopped advertising to the world what system and version that you use.

As a final note, this will not solve all of your security issues. Please do not expect that you can do this and have your site being “hacker-proof”. There’s always more that can be done to beef up your sites security, so always be on the look out.

Leave a Reply

Your email address will not be published. Required fields are marked *