Don't use "admin" ?? | WordPress.org

Howard Harkness
(@chltx)

8 years, 5 months ago

I *always* keep the account named “admin” even with the internal ID of zero. But on first login, I create my real admin account, log out of the original, log in to the new, and change the original admin account to have no role at all on the site, and give it a 45-character randomly-generated password (which I do not bother to save anywhere, because it is not needed).

What I would like is a plugin that immediately puts the IP address of ANY attempt to login as “admin” into my .htaccess deny list. Preferably keeping the deny list sorted, so that it’s easy to spot when several attacks are coming from the same IP group, and just block them all (to prevent the deny list from getting so long that it impacts site performance).

https://wordpress.org/plugins/monkey-trapped-login/

Viewing 1 replies (of 1 total)

Noam Eppel
(@mrtortai)

7 years, 2 months ago

WordFence has this capability.

Viewing 1 replies (of 1 total)

The topic ‘Don't use "admin" ??’ is closed to new replies.

Tags

In: Plugins
1 reply
2 participants
Last reply from: Noam Eppel
Last activity: 7 years, 2 months ago
Status: not resolved