13 Mar

How to hide readme.html from WordPress setup under nginx

By default Worpdress places readme.hml file to your webroot directory, so it’s possible to get it. The problem is this file contains your WordPress version. So if for some reason you have vulnerable version of WordPress you might want to hide this file. This is how you can implement this:

location = /readme.html
return 404;

Keep in mind that it will not remove your WordPress version from your feeds and HTML headers.

Leave a Reply

Your email address will not be published. Required fields are marked *