I’m currently creating a WordPress site at work. In that mission, I’m working hard to create a website that hides what is generated by WordPress. I’ll write more about that my challenge later in a separate article. In this article, I’d like to introduce the tools developed for the challenge.
The tool I created this time is to determine if the website at the specified URL is made with WordPress. Since it was a tool created in a few hours, there are still some rough cuts, but with this tool you can easily determine if the website with the specified URL is made with WordPress. Sites that have been judged to have a low WordPress similarity by this tool may be better able to defend against attackers because they can better hide WordPress from visitors.
This tool is available at the following URL.
The tool checks the path from the root path where WordPress is installed to the document root directly under the domain. It verifies the HTTP response of files and directories that are deployed when WordPress is installed for each of those directories.
In addition, it verifies that the HTML source of the web page displayed by index.php in each directory contains a code related to WordPress.
In the future, we hope to improve this tool to be more powerful and accurate, because only immature judgment can be done now.
If you are creating a site with WordPress, why not try to build a secure website that hides WordPress by bypassing this tool?
I support your wonderful WordPress life!