Securing WordPress – No “Admin” User

I’ve been studying up on ways to “harden” WordPress websites against hackers and malicious code attacks. One thing I’ve learned is that it’s safer if the WordPress Admin is not actually named “Admin”. So I’ve been going back through all my WordPress blogs and fixing this.

You cannot actually change a username, so I’ve been creating a new user with Administrator status, then deleting the old “admin” and attributing all the posts and comments to the new user.

So if you create a WordPress blog or website, my advice is to change the default “admin” username to something else.

Comments are closed.