08 Feb SECURING WORDPRESS PART 2 (BY EDITING FILES)
In last blog post we discussed about hot to secure WordPress installation with some plugins. We need to do some modification in files to secure WordPress, in this blog post we will look at which files needs to be changed in order to make WordPress installation like real steel.
- Remove META Generator
Make sure to remove <meta name=”generator” content=”WordPress <version>” /> from your WordPress installation. To remove this wp-security plugin can help. You can also install some other plugin called wp-meta generator tag remover.
Other way to remove META generator tag is to remove it from code. Navigate to WordPresswp-includes general-template.php in WordPress directory , find <meta name=”generator” content=” WordPress and remove “ . get_bloginfo( ‘version’ ) . “ from code.
- Remove readme.html
Many times we remove meta generator tag to not to disclose WordPress version but unknowingly we keep default installation files on server, which leads to malicious attack on web application. One of the file which contains WordPress version information is readme.html
After upgrade of WordPress of fresh installation make sure to delete readme file. It’s default path is WordPress/readme.html
- WHAT THE CEO IS READING – IMPROVING THE BUSINESS-TO-BUSINESS CUSTOMER EXPERIENCE - March 26, 2016
- WHAT THE CEO IS READING – LEADING AND GOVERNING THE CUSTOMER-CENTRIC ORGANIZATION - March 22, 2016
- WHAT THE CEO IS READING – MANAGE YOUR EMOTIONAL CULTURE - February 23, 2016
- WHAT THE CEO IS READING – GETTING TO SI, JA, OUI, HAI, AND DA - December 9, 2015
- 2 นาทีข่าวเทคโนโลยีประจำเดือนกันยายน - October 2, 2015
- 2 Minutes Of Tech. September’s News in 2 Minutes. - October 2, 2015
- PRINT YOUR OWN CROSSGUARD LIGHTSABER - September 22, 2015
- WHAT THE CEO IS READING – FOUR SEASONS: THE STORY OF A BUSINESS PHILOSOPHY - September 17, 2015
- 2 นาทีข่าวเทคโนโลยีประจำเดือนสิงหาคม - September 2, 2015
- 2 Minutes Of Tech. August’s News in 2 Minutes. - September 2, 2015