It is worth to hide the WordPress version? Does it enhance your security? I think the answer is NO.
- How to detect WordPress version:
- meta generator tag
- RSS feed
- Advanced Fingerprinting
- Query strings in install.php/upgrade.php (my own method)
It is very hard to block all these way and it protects you only from some security scans. The real bots don’t try check WP version, they simply try to exploit any vulnerable URL directly.
You can found the details in my article.