[wp-hackers] WordPress Should Delete WP Version information on head
mailing at markoheijnen.nl
Tue Mar 19 17:01:27 UTC 2013
Hey Sinan, That is saying more about you then me.
Obviously WordPress had security risks. Just like every other platform but showing the version number in the head doesn't make a difference.
Also if I'm correct most of the recent vulnerabilities where for registered users. Things they could do but shouldn't be able.
Op 19 mrt. 2013, om 17:58 heeft Sinan <sinan at sinanisler.com> het volgende geschreven:
> @Marko Heijnen
> I dont have respond to that.
> 2013/3/19 Marko Heijnen <mailing at markoheijnen.nl>
>> This isn't a security risk at all. If you think bots check your version
>> then you are wrong. Also WordPress isn't the security risk. The plugin you
>> are using are.
>> Op 19 mrt. 2013, om 17:52 heeft Dobri <dyordan1 at ramapo.edu> het volgende
>>> I think that exists for Search Engine Penetration and keeping track of
>> market penetration as well. Simply put, it makes tracking % of people using
>> WordPress and a specific version of WordPress and while it's true that's a
>> bit of a security risk (for some setups more than for others), it also
>> helps developers of both WP core and plugins/themes. In that respect, I
>> think it should stay there and people should be individually responsible
>> for hiding it if they *know* they have an old version that's susceptible to
>> attacks and they have a good reason for keeping it. Cheers!
>>> P.S. As already pointed out, it's really easy to remove if need be.
>>> On Tue, 19 Mar 2013, at 12:48 PM, Sinan wrote:
>>>> WordPress Should Delete WP Version information on head
>>>> if this is so important there is so many ways to learn who using what
>>>> n of. But this public version reading is not safe.
>>>> Some times coming big security problems and when this problems match our
>>>> versions bots or bad guys easly hack the sites.
>>>> What you guys thinking about this ?
>>>> Sinan İŞLER
>>>> sinanisler.com <http://www.sinanisler.com/>
>>>> wp-hackers mailing list
>>>> wp-hackers at lists.automattic.com
>>> wp-hackers mailing list
>>> wp-hackers at lists.automattic.com
>> wp-hackers mailing list
>> wp-hackers at lists.automattic.com
> Sinan İŞLER
> sinanisler.com <http://www.sinanisler.com>
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
More information about the wp-hackers