To make WordPress 100% white label and to keep your web design techniques secret from your clients, you may need to hide source code signs that utilize WordPress.
Not only that, another big reason for not disclosing theme and plugins, WordPress version etc. installed on a website is to veil the bad eyes which are always lurking in darkness and looking for known vulnerable code in millions of websites using bots.
Recently webcusp.com was hacked and it happened due to vulnerability in Yuzo Related Posts plugin. I was using this plugin to display related posts. Honestly speaking, Yuzo have been a wonderfully useful plugin for displaying the related content on WordPress websites and you can’t deny that what happened to Yuzo can incur on any plugin or theme not to mention the catastrophe that wrecked revolution slider one year ago. At present Yuzo has been removed from WordPress.org plugin repository until the plugin developers release the vulnerability patch. I hope that the plugin comes back with a bang.
So let’s cut to the chase and know the best available ways to hide WordPress traces from the browser source regardless of your reason to perform this action.
Some questions related to this post
How to change source code displayed in browser
How to show source code blank in browser
How to hide the fact that I am using WordPress
How to hide theme and plugin links in source
WP Hide and Security Enhancer (Free)
To sum up the whole story in one line, it is the best available free way to hide many WordPress footprints from the browser generated source code.
With the help of WP Hide, you can rewrite default WordPress directories like wp-includes, wp-admin, wp-content etc. without changing anything in the database. This makes 99% sure that changing file names and path is not going to break your website or affect it in any other way. Addtionally WP Hide can block real file and folder paths to prevent direct attacks. The only feature that WP Hide still lacks is that you can’t replace file names in source code. Quite possibly this feature may be in their pipeline.
WP Hide and Security Enhancer is a great free plugin to change URLs of a theme and plugins, default WordPress paths and to block direct access to real php files. Let’s take a tour of its features:
- Largely prevents hacking attacks like SQL injections, XXS, Bruteforce, XSRF etc.
- Rewrite default URLs like-
- wp-admin, wp-login.php, wp-singup.php, wp-content, wp-includes, wp-content etc..
- Change /plugin/, /theme/ /uploads/ path
- Change individual plugin path
- Change individual theme path
- Completely replace theme stylesheet name
- Remove WordPress traces like WordPress generator tag, WordPress version, readme and license file and much more.
- Block direct access to original file paths and names
Besides, if you’re ready to pay some bucks for this plugin you can scratch off all signs of WordPress from its source code.
Download WP Hide and Security Enhancer – You can install it direct from WordPress dashboard – Learn How to install a plugin
WP Hide Pro empowers you to/with:
- Rewrite a complete URL in source code
- HTML text replacer
Hide My WP
Hide My WP is a paid plugin but at the same time a powerful match for WP Hide and Security Enhancer. The main difference between these two plugins is that WP Hide Pro blocks direct access to real files while Hide My WP simply masks/rewrites them in source code but real files remain still accessible. This feature makes a big difference when it comes to website security.
WP Content Copy Protection by Tyche Softwares
This plugin prevents visitor’s access to source code via browser. Note that normally internet users try to access page source code using Ctrl+U or Mouse Right Click + Inspect elements. Only a few users go into the depth and explore code via “developers tool”. So if you disable keyboard shortcuts and ‘right click’ on your website frontend, you can largely prevent clients from knowing what CMS you are using for their website.
WP Content Copy Protection does it all for you. All you need to do is install and activate the plugin. You don’t need to setup the options manually.
How to get the plugin – You can install it direct from WordPress dashboard – Learn How to install a plugin