WordPress Security Tips: Check if WordPress readme.html file is accessible via HTTP on the default location
You should be proud that your site is powered by WordPress but also hide the exact version you’re using. readme.html contains WP version info and if left on the default location (WP root) attackers can easily find out your WP version.
This is a very easy problem to solve. Rename the file to something more unique like “readme-876.html”; delete it; move it to another location or chmod it so that it’s not accessible via HTTP.
If you are concerned about WordPress security on your site, we encourage you to follow the full set of tips on our WordPress Security page. And get in touch if you need help with protecting your site from hackers.