[wp-trac] Re: [WordPress Trac] #4155: Let's hide the version number
from public display
WordPress Trac
wp-trac at lists.automattic.com
Tue Apr 17 20:42:43 GMT 2007
#4155: Let's hide the version number from public display
----------------------------+-----------------------------------------------
Reporter: drmike | Owner: anonymous
Type: defect | Status: closed
Priority: normal | Milestone: 2.4
Component: Administration | Version:
Severity: normal | Resolution: wontfix
Keywords: |
----------------------------+-----------------------------------------------
Changes (by masquerade):
* status: new => closed
* resolution: => wontfix
Comment:
Also, please get your facts straight. Showing the version number did no
such thing to the aforementioned scripts. The search to google was a
string that would find _any_ version of phpBB.
Most automated worms won't even bother checking version numbers, you just
try the exploit, hope it worked, and move on. A human who is trying to
target your site specifically is going to go through the trouble to find a
vulnerability whether you advertise it or not. Security by obscurity is
not going to help in this case.
Closing this as wontfix.
--
Ticket URL: <http://trac.wordpress.org/ticket/4155#comment:4>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list