[wp-trac] [WordPress Trac] #32805: Remove WP Version From HTML

WordPress Trac noreply at wordpress.org
Sat Jun 27 20:47:57 UTC 2015


#32805: Remove WP Version From HTML
----------------------------+------------------------
 Reporter:  victorfreitas1  |       Owner:
     Type:  enhancement     |      Status:  closed
 Priority:  normal          |   Milestone:
Component:  Security        |     Version:  trunk
 Severity:  normal          |  Resolution:  duplicate
 Keywords:                  |     Focuses:
----------------------------+------------------------
Changes (by chriscct7):

 * status:  new => closed
 * resolution:   => duplicate
 * milestone:  Awaiting Review =>


Comment:

 Duplicate of #23394.

 The version of WordPress being presented is not a security issue
 whatsoever. Showing it doesn't make your site any more secure, not does it
 make it less secure. There is zero security benefit whatsoever in hiding
 that a site is WordPress powered, or what version of WordPress it is. 99%
 of attackers or bot attackers will just try their attack without seeing if
 your site has an affected version, and the 1% who do care can just as
 easily (and they do) just compare the contents of the Javascript and CSS
 files, among many other things.

 Removing version numbers has been brought up many times on trac. I'm going
 to close this as a duplicate of the most recent one I've found for it

--
Ticket URL: <https://core.trac.wordpress.org/ticket/32805#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list