Each wordpress version has it’s known vulnerabilities. It’s a good practice to show as little info about your site installation as possible.
You don’t want to make your site an easy target. right?
Well, ideally you should always upgrade to the latest version, but to be honest a lot of us put this at the end of their to do list and might never get it done.
David Kierznowski of blogsecurity.net lately released a simple plugin to hide your wordpress installation version number.
The no version plugin is a simple plugin that will replace the version number with blanks, so anyone doing a view “page source” from the browser on your site will not be able to see your wordpress version.
Click here to read more and download it.
Another tip is to disable directory browsing to your plugin directory.
To check it out do a http://yourdomain.com/wp-content/plugins ( where yourdomain.com the domain of your site) and hit enter.
If you see your plugins files, then you have a security issue.
Here is how to fix it:
Go to your plugin directory in your file manager, and create a . htaccess file if there is no one.
Add the following line:
# disable plugin directory browsing
Go back and TEST. You should be fine now.
If you need any help, don’t hesitate to contact me.