How to camouflage wordpress

camo

Sometimes you don’t want to broadcast to the world that your site is running on wordpress. Here are some steps to take to remove some of the “traces” of wordpress in your code.

Step 1: Update .htaccess

To mask the paths of your wp-content and theme directories in you will need to make some modifications to your .htaccess file. Place the following code at the top of your .htaccess at the root of your site.

{code type=php}

# BEGIN REWRITES

RewriteEngine On
Options +FollowSymlinks
RewriteBase /
RewriteRule ^images/(.*)$ wp-content/themes/THEMNAME/images/$1 [PT]
RewriteRule ^css/(.*)$ wp-content/themes/THEMNAME/css/$1 [PT]
RewriteRule ^js/(.*)$ wp-content/themes/THEMNAME/js/$1 [PT]
RewriteRule ^uploads/(.*)$ wp-content/uploads/$1 [PT]
RewriteRule ^plugins/(.*)$ wp-content/plugins/$1 [PT]

# END REWRITES

{/code}

In your wp-config.php, add the following line to customize your plugin directory url.

{code type=php}
define( ‘WP_PLUGIN_URL’, ‘http://www.yoururlhere.com/plugins’ );
{/code}

Step 2: Modify functions.php

Get rid of pesky meta-data that wordpress leaves in your header with the following actions added to your theme’s functions.php.

{code type=php}

remove_action(‘wp_head’, ‘wp_generator’);
remove_action(‘wp_head’, ‘wlwmanifest_link’);
remove_action(‘wp_head’, ‘rsd_link’);

{/code}

Step 3: Remove html comments from plugins you use.

Some wordpress plugins leave behind html comments such as “powered by such-and-such”. It is generally assumed that you will leave in those comments as free advertising for the plugin author, but you are allowed to remove them if you like in almost every case.

Step 4: Modify wp-admin path

Add the following to your .htaccess file. Fully documented here

{code type=php}
RewriteCond %{REQUEST_URI} wp-admin/
RewriteCond %{QUERY_STRING} !YOURSECRETWORDHERE
RewriteRule .*.php [F,L]
RewriteCond %{QUERY_STRING} !YOURSECRETWORDHERE
RewriteRule ^ADMINFOLDER/(.*) wp-admin/$1?%{QUERY_STRING}&YOURSECRETWORDHERE [L]
{/code}

2 thoughts on “How to camouflage wordpress

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s