Hiding the WordPress site and CMS is a good idea when you want to protect your website from hacker bots attacks.
Usually, the bots try to inject scripts and queries into the website no matter if they are WordPress or other type of CMS.
Most of the attacks are targeting the well known plugins with vulnerabilities which have a door to the WordPress core.
This should be the main reason you should hide the CMS.
To hide the WP CMS you need to:
- Hide all the WP headers
- Hide all the WP comments and versions
- Change and hide the WP common paths like wp-content, wp-includes, plugins, themes and cache directories
- Hide the files readme.html, xml-rpc.php, install.php, wp-config.php and more
- Hide classes from source code beginning with “wp-” (make sure the plugins are not using them)
A faster way to hide the WordPress site without coding, we recommend you to install the Hide My WP Ghost plugin