A pretty basic security measure you can take with WordPress is to not use the default admin username on your site. The default administrator username is the subject of most brute force attacks, because as a default, it is known to everyone. If it exists the attacker only has to guess the password to gain access to your site, instead of having to guess both of them, this makes their job significantly easier. If your site has this account it is wise to remove it as soon as possible. This article will explain how you can do so. To accomplish our goal we will create a new administrator account with a different username and then delete the default admin account.
Before we begin
The procedure is very simple, but just to err on the side of caution it is highly recommended to create a backup of the database before proceeding any further.
Create a new administrator
If we navigate to Users > All Users we will see a list of existing users on our site, if admin is not in the list, our job is done, if it is however, read on on how to fix this.
Click the Add New button and proceed to fill in the required information for the new user.
TIPS: use a different email for the new user, WordPress won’t
Source: https://managewp.org/articles/18491/how-to-remove-the-default-admin-username-in-wordpress-cssigniter
source https://williechiu40.wordpress.com/2019/03/28/how-to-remove-the-default-admin-username-in-wordpress-%e2%80%a2-cssigniter/
No comments:
Post a Comment