Good afternoon. I did the safety test on my site with a vulnerability testing tool. The result showed that a possible security breach is the site return thema name. I wonder how do I get thema name does not appear in these scans?
The theme name is always visible. What test have you made?
I performed the test https://hackertarget.com/wordpress-security-scan/. The result was:
The theme Has Been found by examining the path / wp-content / themes / theme * name * /
Hot 1.04http: //www.web-rockstars.com/hot/
While plugins get a lot of attention When it comes to security vulnerabilities, themes are another source of security vulnerabilities Within WordPress installations, always keep Them updated to the latest version available and check the developers theme page for information about security related updates and fixes.
The theme listed here is the active theme found in the HTML source of the page. A comprehensive assessment shouldnt include checking for other themes que are installed but not active the These can contain Also exploitable security vulnerabilities. In the “black box” assessment or penetration test detection of all themes an be undertaken by brute forcing the theme paths. Alternatively if you have access to the host You could simply remove all unused themes.
I would like to know how to hide the thema name, because without this information, it is less a source of vulnerability.
I dont think it’s a problem, because if you know what you do, you can always see the theme name, no matter what you try.
But to make it short: the folder structur is a WordPress thing, it’s not up to the theme. Maybe there is a plugin out there what change the url or hide it. But it’s nothing what the theme can do…
You must be logged in to reply to this topic.