Free WordPress detector · Instant · No signup
WordPress Detector
Find out if a site runs WordPress. Domain Doctor checks the tell-tale signals and flags a publicly exposed version, which is a security risk.
VASTROX HOSTING · EMAIL · DNS · SSL
Want VASTROX to fix every issue above — for you?
Don't fix it alone. Our team configures your SPF, DKIM, DMARC, SSL, DNS and security headers correctly, then hosts you on fast NVMe infrastructure so your domain scores an A and stays there.
- Every failing check fixed and verified
- Hosting, business email, DNS & SSL under one roof
- Free migration from your current provider
What this checks
WordPress powers a huge share of the web, which also makes it a prime target. Detecting WordPress — and especially an exposed version number — tells you how much attack surface a site presents.
Domain Doctor looks for WordPress signals like /wp-content/, the REST API at /wp-json/, the generator meta tag and login page, and warns if the version is publicly readable so attackers can match it to known exploits.
Common WordPress Detector errors
- WordPress version exposed in the page source or readme
- Login page reachable without rate limiting
- REST API leaking usernames
VASTROX MANAGED WORDPRESS
Fast, secure, managed WordPress
VASTROX managed WordPress hides your version, patches vulnerabilities, and keeps the site fast and backed up.
- Hardened, version-hidden WordPress
- Automatic updates and backups
- NVMe speed with caching
Trusted by businesses for hosting, VPS, business email & game servers · Free migration · Real support
Frequently asked questions
How can you tell a site uses WordPress?
Common signals include /wp-content/ and /wp-includes/ paths, the /wp-json/ REST API, a wp-login.php page, and a generator meta tag naming WordPress.
Is exposing my WordPress version dangerous?
It helps attackers match your site to known vulnerabilities. Hide the version and keep WordPress, themes and plugins updated.