Home > security > Secure Wordpress: Change admin

Secure Wordpress: Change admin

November 12Hits:0

I'm sorry if this is an extremely stupid question.

I've been looking for ways how to secure my WP and a lot of websites suggest to create a new admin user account and delete the old one. Now, if I use a different screenname as author (when writing comments etc.) - how could hackers still find out what my admin username is anyways?

I'm just wondering if this step really makes sense unless your administrator username is "admin".

Thanks a lot for clarification.


Sorry, if your username isnt admin (older versions) you really dont need to do that.

What i would reccomend is for you to install 2-3 plugins
ordered here by their importance:

  1. wordpress firewall 2
  2. Limit Login attempts
  3. Wp Security Scan

Wordpress Firewall should stop must hack attempts directly on your site, Limit login should end any change of a brute login attemp and wp security should show you any loop holes in your file permission structure and othere stuff...

Hope this helps :)


Related Articles

  • Secure Wordpress: Change adminNovember 12

    I'm sorry if this is an extremely stupid question. I've been looking for ways how to secure my WP and a lot of websites suggest to create a new admin user account and delete the old one. Now, if I use a different screenname as author (when writing co

  • Securing WordPress Blog InstallationJuly 20

    Besides having secure passwords for my blog user and database connections, what should I do to make sure my WordPress installation is secure on my Linux shared server? --------------Solutions------------- I think the best suggestions are well explain

  • Secure Wordpress Login With Two Factor Authentication Using privacyIDEA

    Secure Wordpress Login With Two Factor Authentication Using privacyIDEAJune 16

    Secure Wordpress Login With Two Factor Authentication Using privacyIDEA Wordpress is THE widely spread blogging system that is not only used for private blog sites but sometimes also as CMS for company web sites. Wordpress is very good maintened and

  • 10 Tips to Secure WordPress

    10 Tips to Secure WordPressJune 24

    Keeping WordPress secure is important in order to ensure that your site isn't compromised. Uptime is maximized, your data is safe, and your site runs as quickly and reliably as possible. Today we'll look at 10 ways to help improve and maintain your W

  • More Tips to Further Secure WordPress

    More Tips to Further Secure WordPressJuly 9

    WordPress has often been seen as the unofficial scapegoat to blame various security breaches on. Like many other popular web applications, WordPress is an attractive target for attack. Obviously, the security in WordPress, as with any application, ne

  • WordPress Network admin options page: how to store options and where will they be stored?February 15

    I'm creating an additional WordPress Network admin page, and I need to store some system-wide option. The good thing that a config file will be generated, so no access is required from the child blogs, but the question is: how to store options to Net

  • Wordpress wiget admin panelAugust 29

    I'm trying to achive this thing in wordpress wiget admin panel : http://jsfiddle.net/George02/mkuxcwf5/1/ The problem is that the jQuery seems to not work . public function form( $instance ) { ?> <?php wp_register_script('customscript', get_template

  • Tables vs. Booleans: Which of the two are more secure for setting admin roles in an app? December 18

    I'm currently in the process of setting up roles where there are regular users, admins, and super admins, each of which have special permissions. I deferred to this post on how to do so. It basically comes down to either setting up a few tables in ad

  • Wordpress custom admin functions securityOctober 1

    i have a case in my admin panel where i need to call my own function that resides in my own php file, with a GET request. This function is actually removing entries from the database. So, i would like to make sure that this cannot be invoked from any

  • Will using SSL to secure Wordpress admin area only still actually be secure?March 29

    The vast majority of our website contains no sensitive information, logins, forms, etc. However there are portions driven by wordpress so we are looking into getting SSL to secure these areas. There are many articles on the internet that instruct to

  • WordPress plugin admin page - using WordPress function in linked php fileJune 24

    Asked this question on StackOverflow and they directed me over yonder... nice place ya got here =) I've been developing a pretty simple WordPress plugin, and wanted to do some live validation of certain fields on the page, which is where I am stuck.

  • How to secure WordPress XMLRPC?January 31

    XMLRPC is great for remote publishing to WordPress, but there has been many security issues attributed to it. How do it make it more secure? More specifically, only user from the intranet will be publishing through XMLRPC. WP is currently running on

  • Wordpress - cleartext admin credentials disclosureJanuary 9

    I am testing my own wordpress blog against security issues with wpscan. Honestly I have never done that before and was shocked after I saw the result. One vulnerability of my wordpress site is: [+] WordPress version 3.8 identified from rss generator

  • Securing WordPress Against Hackers and DDoS Attacks

    Securing WordPress Against Hackers and DDoS AttacksMay 12

    There's no disputing the popularity of WordPress, which powers more than 74.6m sites around the world, with 48% of Technorati's top 100 blogs being managed by the platform. In the online world though, anything that's popular is more open to attack an

  • Wordpress wp-admin redirect loop behind IIS ARR Reverse Proxy

    Wordpress wp-admin redirect loop behind IIS ARR Reverse ProxyAugust 12

    I've got a bit of a unique and interesting setup going on from what I can tell, with an interesting issue. I have a Windows Server 2012 box as my main web server hosting website.com. At http://website.com/sites/ I have a reverse proxy setup with ARR

  • modsecurity rule for blocking wordpress / joomla admin login - othersNovember 10

    I have an old rule for ModSecurity 1.x to block admin brute force attacks, and only allow them in the internal network. When I migrated to 2.x, it stopped working. Also the networking ipmatch rules drive me insane, as they do not allow a /8 and only

  • How Do I Secure WordPress Blogs Against Elemento_pcx Exploit?May 4

    I have a client who has several WordPress 2.9.2 blogs that he hosts. They are getting a deface kind of hack with the Elemento_pcx exploit somehow. It drops these files in the root folder of the blog: -rw-r--r-- 1 userx userx 1459 Apr 16 04:25 default

  • The feasibility of using a VPN to secure only the admin portion of a siteOctober 12

    It has been suggested that the admin section of a custom CMS we use require VPN access to reach. How feasible is this? The site has a front end http://thesite.com and a backend http://thesite.com/admin so how feasible is it to set things up so that a

  • Why wordpress showe "admin is editing-" whoever edits?November 10

    Wordpress warns users when two of them are editing the same article, but the warning always says "admin is editing this page". Admin is currently logged off and the message is caused by another author. Language files have the %s in place. ------

  • Mechanism to send to users of secured WordPress install new notifications by SMS or email?June 18

    I have a family website, private, requires a WordPress account, in WordPress. Some of my family members would like to get the option for notifications of new posts by email or text message. Email seems easy enough, there are plugins and services for

Copyright (C) 2017 ceus-now.com, All Rights Reserved. webmaster#ceus-now.com 14 q. 0.472 s.