Last update at :2023-12-13,Edit by888u
Although the WordPress blog program is bloated, it still has one of the largest number of users, rich plug-in resources, high-quality themes, etc.! We all know that after the WordPress program is successfully installed, the default administrator username is admin, and modifications need to be made through the data table, but in fact WordPress has long allowed users to choose their own username when registering, and Not the default admin. The default admin will bring many disadvantages. If the password set is weak, it can be easily cracked!
For webmaster friends, most of the programs use admin, including some host panels. This is also the case with this site before, so I’m used to it! However, in order to prevent security risks, it is recommended that no matter what website you are on, it is best not to use the user name admin as the administrator's user name, or just add such a user name in the background of the website, but do not give administrator rights. , which prevents some scanning and login attempts from websites on the network.
In addition, if the admin username is used, we can also prohibit using the admin username to try to log in to WordPress. When the machine uses admin to scan the blog, the login interface is directly blocked and is not allowed to scan, which can strengthen the control. To prevent website security, the specific method is to add the following code to the functions.php file of the current theme:
//WordPress prohibits attempts to log in using the admin username
add_filter( ‘wp_authenticate’, ‘fanly_no_admin_user’ );function
fanly_no_admin_user($user){
if($user == ‘admin’){
exit; }
}
add_filter(‘sanitize_user’, ‘fanly_sanitize_user_no_admin’,10,3);function fanly_sanitize_user_no_admin($username, $raw_username, $strict){
if($raw_username == ‘admin’ || $username == ‘admin’){
exit; }
return $username;}
If your WordPress is still using a username like admin, it is recommended that you create a new administrator account through the background, and then delete the admin user.
Recommended site search: US virtual host, vps virtual server, website agent registration, US unlimited content host, Korean virtual host, dual line dual IP, domain name, registered domain name, site group server, high defense server,
发表评论