A security tip for your WordPress website

If your WordPress website for some reason has not updated to the latest version of WordPress you could be vulnerable to being breached.

WordPress security tip

WordPress is very happy to show to the world it’s version information which at the time of writing is 4.3.1. This version information can be seen by showing the HTML source in your browser.

Unfortunately since you can see the version info, so can unwanted web crawlers. If the version is not the most recent then this makes your website vulnerable since the potential hacker now knows two things:

Your WordPress version is not up to date
The exact vulnerabilities, because these are advertised in the new version’s release notes.

Your site could now be a target for malicious attack!

It would be useful if the WordPress version on your site was not advertised to the world and indeed there are plugins which help solve this issue. One such plugin is Meta Generator and Version Info Remover, if after activation your web pages still show the version, a little extra work is needed with the plugin to identify the offending script to remove the version from view.