Content-Management-System-Found/EN

Aus Siwecos
Wechseln zu: Navigation, Suche

Check of the CMS version

If the result is positive, there is no need for further action. If the result is negative, please read the following instructions.

Result positive Your current CMS version cannot be identified. Thus it cannot be determined whether you are using a vulnerable version.
Result negativ Content Management System (CMS) identifiable
Description The current content management system (CMS) can be identified. This information could be used by an attacker to search specifically for security flaws for this particular CMS.
Background A content management system (CMS) is a software that allows a team of authors to collectively create, edit and manage content, mainly on websites, but also for other media types. If an attacker can find out which CMS version is being used, he or she can search for security flaws more effectively.
Consequence It is possible to read the version of the content management system (CMS) from the outside. If the CMS is not up to date, criminals can exploit various security flaws to compromise the system and to store malicious code.
Solution/Tips Always make sure that installed web servers and the content management system (CMS) are up to date. Some CMS allow you to hide the version information. Use this feature if it is available. The WordPress Plug-in "Hide My WP (German only)" may be interesting for you.

Further example for WordPress: In order to prevent attackers or hackers from reading the WordPress version directly, you can add the following line of code at the very end of the file functions.php:

--snip

remove_action('wp_head','wp_generator');

--snap