Secure your website with the Secure WordPress Plugin

For some reason that baffles me, there are loads of morons out there who have nothing to do but hack into websites. Because WordPress is Open Source, the source code is also available to them. The best way to protect yourself from attack is to update your WordPress to the latest version, but you can also make it a bit more difficult by hiding what version of WordPress you are using from everyone.

Depending on which template you start with, you may find the following line of code in your header.php file.

<meta name=”generator” content=”WordPress <?php bloginfo(’version’); ?>” />

If you do, take it out.

If you are running version WP 2.6 or higher, and you should be, you will notice that this line may not be there, but appears in your source code. This line of code is generated from the wp-head.

To remove the version from appearing in your source code, I like to install the secure WordPress plugin. The plugin not only removes the WordPress version it also remove error information on the login page and adds an index.html file in the plugin directory.