In the past, the default administrator username for WordPress installation was admin. If we didn't want to use this username, we could only modify it through the data table. However, we chose our username for WordPress installation. However, many users basically get used to admin, which is easy to guess.
To make the website more secure, we recommend that you do not use admin to set the administrator's username. However, you can add an admin account in the background without any permissions, this prevents logon attempts by scanning machines on the Internet, so we can disable the use of admin username to log on to WordPress. When the machine uses admin to scan wordpress, the login interface is directly blocked.
The procedure is as follows:
Add the following code to the functions. php file of the current topic 111cn:
// WordPress prohibits the use of the admin user name to log on to add_filter ('WP _ authenticate ', '111cn _ no_admin_user'); function 111cn_no_admin_user ($ user) {if ($ user = 'admin') {exit;} add_filter ('sanitize _ user', '111cn _ sanitize_user_no_admin ', 10, 3); function 111cn_sanitize_user_no_admin ($ username, $ raw_username, $ strict) {if ($ raw_username = 'admin' | $ username = 'admin') {exit;} return $ username ;}
After this operation, our wordpress will not be able to log on with the admin user. If your website is still using the admin user name, we recommend that you create a new administrator account that someone else cannot guess after the website, then, delete admin.