For anyone who has upgraded to WordPress 2.5 and above and likes to keep the WordPress version number out of the source code of your site when the source is viewed in a browser you could be in for a surprise. It might be back even though you eliminated the line of code in your theme’s “header.php” that generated the version number in the first place.
I know I was surprised to find “2.5.1″ happily displayed when I viewed the source code for my main page in Firefox last night and for the life of me I couldn’t find anything in my theme’s “header.php” I might have missed. At first I thought I had forgotten to comment the line out when I upgraded the theme to the latest version but apparently not.
I finally decided to contact the author of my theme, Scott Wallick of PlainText.org (home of the famous “Sandbox” theme) about this. I have to admit that I was more than a bit surprised when he sent me the explanation especially when I had followed the development of 2.5 so closely:
If you’re using WordPress 2.5, then you’re in for a treat. Because as of this version, WordPress hooks the function wp_head() to insert (automatically) the generator meta link.
You can’t really remove wp_head() as plugins require it to work correctly (inserting JavaScript, etc.), so you have to disable the function that produces the generator link from within WordPress.
See the following announcement:
http://blog.ftwr.co.uk/archives/2007/10/06/improving-the-wordpress-generator/
And to top this all off, Scott worked up a tiny plugin that disabled that very function, attached it to his message and it worked like a charm. I can’t say enough about this guy. I use another of his themes called Blog.txt and through 3 updates to the theme since I first installed it he’s answered all my questions, taken care of submitted bugs and even incorporated one of my suggestions about Gravatar resizing using the theme’s “Options” page in the Admin.
So I decided to host his plugin for those of you who wish to use it. Installation is simple. Extract, upload, activate and you’re done. Your version of WordPress shown in the source of your blog should now be gone unless your “header.php” has the hard coded “generator” still coded into it.
Note: This plugin is only for use with WordPress 2.5 and higher.
Download: rgl.zip
[...] But what Kim does is, instead of being satisfied after his problem was solved, he shares his experience and provides the solution for others. [...]
[...] source display of WordPress version, imposed on users of the default install of WordPress 2.5 – a plugin to regain a little control. Bookmark: These icons link to social bookmarking sites where readers [...]
Thanks for the kind words, Kirk. And thank you for going the extra step and providing your solution to others.
@Scott:
Nothing like passing on a favor is there? Glad to do it and thanks again. You’ve made things just a bit easier for everyone.
I use this:
if (function_exists(‘wp_generator’)) {
remove_action(‘wp_head’, ‘wp_generator’);
}
For those who want to remove all mention of WordPress, the above plugin will work great. If you just want to remove the version number, check out the WordPress Tweaks plugin.
John,
That looks like a fantastic plugin you have there. Being a chronic tweaker I can see I’ll be loading this one up soon enough. It looks like it could eliminate at least two plugins I currently use as well. Good deal!
I might just run up a post about this on my new tech flavored WP site after I check it out (both sites running 2.6 beta1). Thanks for the info!
[...] But what Kirk does is, instead of being satisfied after his problem was solved, he shares his experience and provides the solution for others. [...]
[...] the meta generator. It looks like Ian of ThemeShaper has provided a couple methods, including a WordPress plugin to remove the meta generator information from your WordPress blog. Please link to meIf you found [...]
It’s a good idea to get rid of version number, but it will not save you from hackers. If your version is vulnerable, you could be treated by hackers.
Security Developer´s last blog ..Image Hosting