688 posts
  • Bought between 10 and 49 items
  • Exclusive Author
  • Has been a member for 6-7 years
  • Referred between 1 and 9 users
  • Repeatedly Helped protect Envato Marketplaces against copyright violations
  • Sold between 5 000 and 10 000 dollars
  • Uruguay
_rg_ says

I found this last night. Many of them i already known, but others not.

I think is very important info:

http://semlabs.co.uk/journal/how-to-stop-your-wordpress-blog-getting-hacked

In resume, the post talks about how to deal with “Stop Hackers Finding You”... if that´s the case of course. (never happend to me yet, but….)

I post this here because reading this, and knowing what i do too, i have a question.

A good way to prevent hackers to find you is removing all the wordpress code on header and footer, for example removing the “Powered by WordPress” from footer, or Meta Generator Tag on header.

But, how is this in relation with the templates uploaded here and the copyright for wp?

I mean, this is something the final buier must do if want to, right? but not something we should insert/modify on the themes uploaded here?

What you think?

2429 posts
  • Has been a member for 4-5 years
  • Exclusive Author
  • Europe
  • Bought between 10 and 49 items
  • Referred between 100 and 199 users
  • Sold between 100 and 1 000 dollars
  • Microlancer Beta Tester
digitalimpact says

Hackers usually go for high-traffic or well-known sites. Or for something personal. Other than that, for small sites, basic security would suffice.

Regarding the removal of the WP version or other related info in the head/footer – that should be totally up to the buyer. Authors could insert documentation on how to secure the WP installation/theme, or point to the hundreds of articles on the web :)

EDIT : actually I think some do go that extra mile and give such tips.

155 posts
  • Bought between 10 and 49 items
  • Canada
  • Exclusive Author
  • Has been a member for 4-5 years
Warll says

Removing the “powered by wordpress” html comment and not giving credit in the footer is not about to hide a wordpress install from anyone who knows what they are doing.

You’d have to alter the behavior of a ton of code to hide even the ‘wp-content’ folder name, not to mention that the site will respond to a request for wp-adamin.

All that for what? Nothing, there is no known exploit for the latest version of wordpress.

by
by
by
by
by
by