Hide WordPress version

There is a very good reason why you should hide the WordPress version from your source code: when it is not up-to-date anymore. Without specific measures it is pretty easy for everybody to figure out which WordPress version you are using on your website. Luckily, it can be avoided quickly and without a lot of technical knowhow. Let me show you how it works.

How can I avoid it?

Firstly I want to outline that it is crucial that you update your WordPress version regularly. Compare with my article about the most important points for WordPress security.
It can happen that you get to a point where it is not possible to update your WordPress version right away. For instance, if your theme is not ready for the newest WordPress version yet. This should not happen, but it is not impossible.

To figure out the WordPress version on a website without signing in to the backend, process like this:

  1. Check the source code by right click -> view source code.
  2. Search for the keyword “generator” which shows the used WordPress version such as for example:
    meta name="generator" content="WordPress 4.9.2"

To remove this line of code from the source code and to hide it from everybody outside, process like this:

  1. Open the file functions.php in your theme directory respectively your child theme.
  2. Add this line of code:
    remove_action('wp_head', 'wp_generator');
  3. Done!

Cool, right? And you just made your website a bit more secure.