how to Hide WordPress info From source Code


“How to hide wordpress information from source code ?” Many people,  particularly designers and web engineers for high-profiles websites, do not want users to know that they are running WordPress for their websites. For the sake of seeming like a more “hardcore” coder who doesn’t need a pre-built CMS (like, it kind of sucks when you find out that Facebook actually runs on WordPress , or just for security reasons; it is a shame that it is so difficult to change the wp-content and wp-admin folder names very easily through the WordPress admin. This little tutorial will teach you how to do it in any case.

Just for the record, I don’t believe that it’s really possible, or even worthwhile to attempt, completely hiding that you use WordPress for your sites.

You can do the stuff I instruct here so that the typical pretentious amateur who tries to “out” you, or hack your site, runs into some challenges, but there will always be a way find out what CMS you use if someone is dedicated enough. If you use WordPress, you use WordPress.

This tutorial will change obvious evidence or indications of it in your source-code, effectively removing WordPress info from your site.

Rename WP-Content

Open up the file called wp-config in your “root” directory, and just before the last line (something about require_once), add:

define('WP_CONTENT_FOLDERNAME', 'wp-content');
define('WP_CONTENT_DIR', ABSPATH . WP_CONTENT_FOLDERNAME );
define('WP_CONTENT_URL', 'http://domain.ext/'.WP_CONTENT_FOLDERNAME);
define('WP_PLUGIN_DIR', WP_CONTENT_DIR . '/plugins' );
define('WP_PLUGIN_URL', WP_CONTENT_URL.'/plugins');

Now you must change “domain.ext” to whatever is your domain – for me, that is “binarynote.com”. Then, you can change “wp-content” to whatever you want your content file to be. I like to use “media”, because I think that’s both relevant and quite unique.

Make sure that everything still works, especially your plugins. If your plugins do not work after this, you need to edit them – you can do this in the WordPress admin by looking around in the Plugins page. Obviously what needs to change is any references to “wp-content”.

Rename WP-Admin (and make login.php inaccessible)

There are two ways to do this. The long way is to hack your .htaccess file to do redirections, etc. and block out direct access to login.php. The easier method is to install and very cool little plugin, made by Devbits, called “Stealth-login”. I use this plugin on some of my sites, and it works! Which is fantastic.So you can download that here.

How to Remove the WordPress Generator Tag

The bit of code that you want for this is simple:

remove_action(‘wp_head’, ‘wp_generator’);

There are a few places you can do this, but I would recommend adding it to the functions.php file in your theme.




Suggested Similar Articles

11 Brilliant Comments - Join Discussion Now!

  1. Fajar says:

    Doesnt work sir.. I can see my source code -__-

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>