[wp-trac] [WordPress Trac] #32805: Remove WP Version From HTML
WordPress Trac
noreply at wordpress.org
Sat Jun 27 18:46:06 UTC 2015
#32805: Remove WP Version From HTML
----------------------------+-----------------------------
Reporter: victorfreitas1 | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Security | Version: trunk
Severity: normal | Keywords:
Focuses: |
----------------------------+-----------------------------
Hello, I strongly believe in WordPress potêncial as security, but has a
small flaw that leaves us a bit insecure, which is always bringing in
FrameWork the HTML version of the system in feeds, and files between other
parts of the site, this is something with that in other preoculpamos to
remove our website and there are hooks to be removed and do not do it for
all files. I bring this safety tip is to fail to show the version in html
files, feeds among others, Example: "site.com/wp-
includes/css/buttons.min.css?'''ver=4.2.2'''". Remove the a version of
sitema on "ver=" and put a filemtime for example in place.
Examples:
<link rel='stylesheet' id='google-font-css'
href='//fonts.googleapis.com/css?family=Lora%3A400%2C700%2C400italic%2C700italic%7CMuli%3A400%2C400italic%7CMontserrat%3A400%2C700&'''ver=4.2.2''''
type='text/css' media='all' />
'''<generator>wordpress.org/?v=4.2.2</generator>
<meta name="generator" content="WordPress 4.2.2" />'''
--
Ticket URL: <https://core.trac.wordpress.org/ticket/32805>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list