WPSurfer.com

How to Hide WordPress Version Number [Mu-Plugin]

Published on September 24, 2022 | Updated on July 7, 2024

The WordPress version is the specific release identifier of the WordPress software running on your site.

WordPress versions are typically formatted as X.X.X, where the numbers represent major, minor, and patch releases.

For example, version 6.2.2 would indicate the second patch of the second minor release of the sixth major version.


Should You Hide WordPress Version Number?

There are probably four camps when it comes to hiding your WordPress Version number:

  • Some people affirm that hiding the WordPress version number can enhance your website’s security because attackers often target known vulnerabilities in specific versions of WordPress.
  • Other people affirm that hiding the WordPress version numbers does nothing in terms of security because your WordPress version number isn’t the vulnerability. If a hacker thinks that your site is running an old version of WordPress, your site is gonna get attacked anyways. Hackers might check for a vulnerability regardless of the version you are using.
  • Other experts thinks that hiding your WordPress version numbers will help prevent mass scanning and it shouldn’t be done as if this action would enhance your security in any shape or form.
  • Another camp recommends not hiding the WordPress version number if your sites are always running on the latest version of WordPress

Regardless of the camp you are in, hiding the WordPress version is quite easy and it is not like your site is missing a big feature by not stating what version of WordPress your site is running.

You can hide the WordPress version by installing a plugin or adding a PHP snippet.

I love code snippets plugins so you should probably use one instead of installing a plugin for such a simple feature.


Code Snippet to Hide WordPress Version

This is the code snippet to hide the version of your WordPress site

function wp_remove_version() { 
    return ''; 
} 
add_filter('the_generator', 'wp_remove_version');

If you want to use a mu-plugin instead, you should try this code:

<?php
/**
 * Plugin Name: Remove WordPress Version
 * Description: Removes the WordPress version from the site for security purposes.
 * Author: TicoLibre
 * Version: 1.0
 */
function wp_remove_version() {
    return '';
}
add_filter('the_generator', 'wp_remove_version');

Final Thoughts

Of course that your security strategy can’t rely on security-by-obscurity measure like the one talked about in this post.

I recommending building a firewall as strict as it could possibly be to reduce the chances of your sites being hacked.

Manuel Campos

Manuel Campos

I am José Manuel. I am writing about things I know and things that I am learning about WordPress. I hope you find the content of this blog useful.