WordPress follows a regular release cycle of 3-4 months based on the ideas voted from the users along with security releases which will be updated mandatorily. All releases carry a version number for tracking, validating and many other purposes. Though the versioning is meant for good purposes there are security concerns when you have old WordPress installation. Hackers can easily target the sites with old installations and inject malicious software. Therefore, it is a good idea to hide WordPress version number from commonly visible places to harden your site’s protection.
How to Find WordPress Version of a Site?
By default, WordPress installation leaves the trace of a version number in many places. You can view it both by logging into the dashboard as well from the browser as explained in this article. In summary, you can find the version of any WordPress site by looking at the source code. You will find the meta tag like below where 5.9.3 is the version number.
<meta name="generator" content="WordPress 5.9.3" />
It will look like below in source code of the site:
Why You Should Update WordPress?
The WordPress statistics page shows till more than 45% of the WordPress sites use version 5.8 or lower (the latest version is 5.9.3 at the time of writing this article). There are two major reasons for having an outdated WordPress version:
- Generally people buy three years initial hosting plan for very cheap price and not maintain the site afterwards due to time and investment required.
- Compatibility issues with the theme or plugins used.
- Don’t have sufficient knowledge to backup content and database as it is recommended before any update.
When hackers find a WordPress site uses outdated version, it will be an easy target for them to inject malicious codes using known vulnerabilities. If you have a live running site, it is highly recommended to keep the WordPress version up to date, though it is possible to hide it from others.
How to Remove or Hide WordPress Version?
You can remove WP version number either using a plugin or with a custom function.
1. Using Meta Generator and Version Info Remover Plugin
Basically you can modify “functions.php” file to get rid of the version number. But the problem is that the theme update will erase all your changes and you need a child theme or use plugin like Code Snippets for this purpose. This may be a difficult task for normal users, so the easy way is to look for plugins to do the task one time without hassle. Meta Generator and Version Info Remover is a free plugin that helps to remove meta generator tags inserted by WordPress and many other popular plugins WPBakery, WPML, etc. In addition, you can use this plugin to remove the comments added in the source code by plugins like Yoast and WP Rocket.
- Go to WordPress plugins directory under “Plugins > Add New” menu and search for “meta generator”.
- Find “Meta Generator and Version Info Remover” plugin, install and activate it on your site.
- Navigate to “Settings > Meta Generator and Version Info Remover” section.
- You will see a list of options and check “Remove WordPress default meta generator tag” under “Meta Generator Remover Settings”.
- In addition, scroll down to “Version Info Remover Settings” section. Here, you can enable options for removing WP version in the footer section of admin pages and from CSS/JS file.
You can also enter the URLs of stylesheets and scripts you want to exclude in the text box, generally leave the box blank to remove the versioning from all files. Save the changes and check the site’s source now on a browser to see the WordPress version is removed.
2. Using a Function to Remove WP Version
If you do not want to use additional plugin for this purpose, as mentioned, it is possible to add a function in your theme’s file to remove WP version. You can add the following function in your child theme’s functions.php file.
// Remove WP Version remove_action('wp_head', 'wp_generator');
You can go to “Appearance > Theme File Editor” and add the code in functions.php of your child theme. It will look like below in the file editor.
Click the “Update File” button to save your change. Now, check your site’s source code and you will not find the version number in the site.
You can easily remove WordPress version number from the source code with a plugin or adding a custom function. However, WordPress also insert the version in many other places like RSS feed. The best solution to overcome the version problem is to keep your site updated and use the latest version. This helps to protect your site as well as get all new features available in the latest version.