Includes how to rename wp-content, rename wp-admin, and remove the generator tag from WordPress.
Many people, particularly designers and web engineers for high-profiles websites, do not want users to know that they are running WordPress for their websites. For the sake of seeming like a more “hardcore” coder who doesn’t need a pre-built CMS (like, it kind of sucks when you find out that Facebook actually runs on WordPress :O ), or just for security reasons; it is a shame that it is so difficult to change the wp-content and wp-admin folder names very easily through the WordPress admin. This little tutorial will teach you how to do it in any case.
Just for the record, I don’t believe that it’s really possible, or even worthwhile to attempt, completely hiding that you use WordPress for your sites. You can do the stuff I instruct here so that the typical pretentious amateur who tries to “out” you, or hack your site, runs into some challenges, but there will always be a way find out what CMS you use if someone is dedicated enough. If you use WordPress, you use WordPress. This tutorial will change obvious evidence or indications of it in your source-code, effectively removing WordPress info from your site.
Open up the file called wp-config in your “root” directory, and just before the last line (something about require_once), add:
define('WP_CONTENT_DIR', ABSPATH . WP_CONTENT_FOLDERNAME );
define('WP_PLUGIN_DIR', WP_CONTENT_DIR . '/plugins' );
Now you must change “domain.ext” to whatever is your domain – for me, that is “pythoughts.com”. Then, you can change “wp-content” to whatever you want your content file to be. I like to use “media”, because I think that’s both relevant and quite unique, but obviously this is your prerogative.
Make sure that everything still works, especially your plugins. If your plugins do not work after this, you need to edit them – you can do this in the WordPress admin by looking around in the Plugins page. Obviously what needs to change is any references to “wp-content”.
Rename WP-Admin (and make login.php inaccessible)
There are two ways to do this. The long way is to hack your .htaccess file to do redirections, etc. and block out direct access to login.php. The easier method is to install and very cool little plugin, made by Devbits, called “Stealth-login”. I use this plugin on some of my sites, and it works! Which is fantastic.
So you can download that here.
Remove the WordPress Generator Tag
The bit of code that you want for this is simple:
There are a few places you can do this, but I would recommend adding it to the functions.php file in your theme. So open that up, make sure that you have your <?php wherever you want to add it, and past it in there.
And that is that.
Please let me know if A) this was useful to you, B) You know of any plugin that does all of this stuff, or C) You think that I should make a plugin that does all of this automatically. You should also of course tell me if you perceive a danger is doing this, or if you think that there is a more effective method. Or if you have any questions.
Otherwise, thank you for your time