[wp-trac] [WordPress Trac] #32805: Remove WP Version From HTML
WordPress Trac
noreply at wordpress.org
Sat Jun 27 20:47:57 UTC 2015
#32805: Remove WP Version From HTML
----------------------------+------------------------
Reporter: victorfreitas1 | Owner:
Type: enhancement | Status: closed
Priority: normal | Milestone:
Component: Security | Version: trunk
Severity: normal | Resolution: duplicate
Keywords: | Focuses:
----------------------------+------------------------
Changes (by chriscct7):
* status: new => closed
* resolution: => duplicate
* milestone: Awaiting Review =>
Comment:
Duplicate of #23394.
The version of WordPress being presented is not a security issue
whatsoever. Showing it doesn't make your site any more secure, not does it
make it less secure. There is zero security benefit whatsoever in hiding
that a site is WordPress powered, or what version of WordPress it is. 99%
of attackers or bot attackers will just try their attack without seeing if
your site has an affected version, and the 1% who do care can just as
easily (and they do) just compare the contents of the Javascript and CSS
files, among many other things.
Removing version numbers has been brought up many times on trac. I'm going
to close this as a duplicate of the most recent one I've found for it
--
Ticket URL: <https://core.trac.wordpress.org/ticket/32805#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list