An Ideal WordPress User
What I really engaged me when I first started using WordPress was the sense of community. Relatively large, but close knit. Most people know who the big players are, who the new comers are, etc. Who’s making the hot themes and who made the themes that are starting to get a bit tired (heh).
Enter Kirk. Kirk is exactly the person who I want downloading my themes. After downloading and playing with one of my themes (blog.txt to be specific), Kirk emails me requesting some support for some specific but discreet task. I help. I’m happy to.
Kirk files tickets on my theme project pages for things that are broken or could be enhanced. Some I accept, some I don’t. He takes both well. I hear from him now and again. A happy user.
Here’s what separates Kirk from most users. Kirk emails me wanting to know how to disable the generator link (”For security,” he asks). Regardless of whether or not I think this improves the security of his blog, I help. I describe the problem and set him off in the right direction.
For this, I make him a simple plugin he can upload based directly on what Peter Westwood documented on his blog. Easy as pie. Took me ten minutes. I slap it into a PHP file and send it along to Kirk knowing he’ll take it from there.
But what Kirk does is, instead of being satisfied after his problem was solved, he shares his experience and provides the solution for others.
Community. Here, here.
adam wrote:
Interesting, I’ve been using the following code to empty the version string for a while now, based on a post on blogsecurity:
// empty the wordpress version information add_action("init","bs_wp_noversion",1); function bs_wp_noversion() { global $wp_version; $wp_version = ""; }I don’t mind having a wordpress generator link, but the version isn’t something that should be shared.
Posted 30 Apr 2008 at 8:30 am ¶
Scott wrote:
Good call, Adam. I agree that removing the WordPress generator/version doesn’t make your blog/database more secure, but rather limits targeted attacks or at least makes the process more opaque, which is a fine thing I suppose.
Yours actually is much more thorough with cleaning the version number out and might be a more Automattic-friendly way of going about things.
Posted 30 Apr 2008 at 9:30 am ¶
Kirk M wrote:
Always glad to pass on a favor, that’s what it’s all about isn’t it? Thanks for the write up, Scott!
About Adam’s (Hey Adam) code change, would that be worth using in the plugin? And if it would, does it have to be changed any? One of these days I’ll be PHP savvy enough to answer these questions myself but right now, I’m stuck with asking.
Posted 30 Apr 2008 at 1:27 pm ¶
adam wrote:
@kirk -
yes, you can put that in a file with a basic plugin header, and it will do you just fine. you can also put it in your theme’s
functions.phpPosted 30 Apr 2008 at 5:48 pm ¶
Kirk M wrote:
Adam,
Funny thing happened. I tried out your code as a plugin and it triggered the “Update to 2.5.1 Now” alert in my Admin. I had to chuckle at that one, you could really mess with someone’s unsuspecting mind that way.
Posted 01 May 2008 at 7:32 pm ¶