how to Hide WordPress info From source Code

Must Have Plugins

“How to hide wordpress information from source code ?” Many people,  particularly designers and web engineers for high-profiles websites, do not want users to know that they are running WordPress for their websites. For the sake of seeming like a more “hardcore” coder who doesn’t need a pre-built CMS (like, it kind of sucks when you find out that Facebook actually runs on WordPress , or just for security reasons; it is a shame that it is so difficult to change the wp-content and wp-admin folder names very easily through the WordPress admin. This little tutorial will teach you how to do it in any case.

Just for the record, I don’t believe that it’s really possible, or even worthwhile to attempt, completely hiding that you use WordPress for your sites.

You can do the stuff I instruct here so that the typical pretentious amateur who tries to “out” you, or hack your site, runs into some challenges, but there will always be a way find out what CMS you use if someone is dedicated enough. If you use WordPress, you use WordPress.

This tutorial will change obvious evidence or indications of it in your source-code, effectively removing WordPress info from your site.

Rename WP-Content

Open up the file called wp-config in your “root” directory, and just before the last line (something about require_once), add:

define('WP_CONTENT_FOLDERNAME', 'wp-content');
define('WP_CONTENT_URL', 'http://domain.ext/'.WP_CONTENT_FOLDERNAME);
define('WP_PLUGIN_DIR', WP_CONTENT_DIR . '/plugins' );
define('WP_PLUGIN_URL', WP_CONTENT_URL.'/plugins');

Now you must change “domain.ext” to whatever is your domain – for me, that is “binarynote.com”. Then, you can change “wp-content” to whatever you want your content file to be. I like to use “media”, because I think that’s both relevant and quite unique.

Make sure that everything still works, especially your plugins. If your plugins do not work after this, you need to edit them – you can do this in the WordPress admin by looking around in the Plugins page. Obviously what needs to change is any references to “wp-content”.

Rename WP-Admin (and make login.php inaccessible)

There are two ways to do this. The long way is to hack your .htaccess file to do redirections, etc. and block out direct access to login.php. The easier method is to install and very cool little plugin, made by Devbits, called “Stealth-login”. I use this plugin on some of my sites, and it works! Which is fantastic.So you can download that here.

How to Remove the WordPress Generator Tag

The bit of code that you want for this is simple:

remove_action(‘wp_head’, ‘wp_generator’);

There are a few places you can do this, but I would recommend adding it to the functions.php file in your theme.

Related Posts

9 thoughts on “how to Hide WordPress info From source Code”

    1. Thanks Saurabh, But most of the time users are not able to fully implement it first time. Hope to see you very soon.

  1. Hey Guy’s,
    I have an question about wordpress source code hide.
    I find an free PHP Obfuscator and i try to use it for my wp-config.php and it’s working fine for me.
    But before i use it i have an question hacker can trace the php code?
    And is there any effect for my SEO or others?
    Looking your’s helpfully answer.
    Thanks a lot :)

  2. Hi,

    I’m trying to follow this steps on localhost but it doesn’t work!
    I’m using wordpress3.3.2 !
    Any suggestion, help?
    Thank you in advance

  3. Just want to say your article is as amazing. The clarity for your submit is just nice and that i could suppose you are a professional on this subject. Well together with your permission allow me to seize your RSS feed to stay updated with approaching post. Thank you a million and please continue the enjoyable work.

  4. Hello,

    I am using WP 3.2.1

    However your trick doesn’t work.

    Kindly find the updated trick and let us know.



Leave a Reply

Your email address will not be published.