Created
March 11, 2013 07:48
Gist: hasssan/5132620
WordPress: functions.php template for better security
```php
<?php
// A major drawback of the current WordPress login form is
// that it informs the user which part of the login information he/she has gotten wrong.
// For instance, if the username is correct and the password wrong,
// WordPress informs the user about it. This makes it easier to use brute force login
// as the hacker has a clear idea of whether he/she needs to change the username or password.
// source: http://wp.tutsplus.com/tutorials/security/wordpress-security-threats-that-you-should-look-out-for/

// Replace every login error with one generic message, whichever field was wrong.
function failed_login() {
    return 'the login information you have entered is incorrect.';
}
add_filter( 'login_errors', 'failed_login' );

// Remove the WordPress version generator tag.
function remove_wp_version() {
    return '';
}
add_filter( 'the_generator', 'remove_wp_version' );
```
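A way to confirm both filters took effect, written as an added example (not part of the gist): it compares the error text shown for an unknown user against the one shown for a wrong password, and looks for a generator meta tag in a page head. The HTML samples, the username `alice`, the `X.Y.Z` version placeholder and all function names are constructed for illustration; on a real site the inputs would be the saved response bodies.

```python
from html.parser import HTMLParser

class PageScan(HTMLParser):
    """Collects the #login_error text and any <meta name="generator"> value."""
    def __init__(self):
        super().__init__()
        self.depth = 0        # > 0 while inside <div id="login_error">
        self.parts = []
        self.generator = None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "meta" and (a.get("name") or "").lower() == "generator":
            self.generator = a.get("content") or ""
        elif tag == "div" and (self.depth or a.get("id") == "login_error"):
            self.depth += 1   # track nesting so an inner </div> does not end capture

    def handle_endtag(self, tag):
        if tag == "div" and self.depth:
            self.depth -= 1

    def handle_data(self, data):
        if self.depth:
            self.parts.append(data)

def scan(html):
    """Return (whitespace-normalised login error text, generator value or None)."""
    p = PageScan()
    p.feed(html)
    p.close()
    return " ".join("".join(p.parts).split()), p.generator

def login_error_leaks(unknown_user_html, wrong_password_html):
    """True if the two failure pages show different error text."""
    return scan(unknown_user_html)[0] != scan(wrong_password_html)[0]

def exposed_generator(page_html):
    """Generator string advertised by a page, or None if the tag is absent."""
    return scan(page_html)[1]

# Constructed sample responses (not captured from a real site).
STOCK_USER = ('<div id="login_error"><strong>Error:</strong> The username '
              '<strong>alice</strong> is not registered on this site.</div>')
STOCK_PASS = ('<div id="login_error"><strong>Error:</strong> The password you entered '
              'for the username <strong>alice</strong> is incorrect.</div>')
FILTERED = '<div id="login_error">the login information you have entered is incorrect.</div>'
HEAD_STOCK = '<head><meta name="generator" content="WordPress X.Y.Z" /></head>'
HEAD_FILTERED = '<head><title>Blog</title></head>'

if __name__ == "__main__":
    print("stock login leaks field:", login_error_leaks(STOCK_USER, STOCK_PASS))
    print("filtered login leaks field:", login_error_leaks(FILTERED, FILTERED))
    print("generator:", exposed_generator(HEAD_STOCK), "->", exposed_generator(HEAD_FILTERED))
```

Both failure cases should be submitted with the same username, since the stock messages echo it back.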