Support » Fixing WordPress » Fake username for all content

  • Hi Friends,

    I receive every day some site hacking attempts by the password recovery functionality.

    These attempts, use unlikely but sometimes very similar users, and and even if the site connection is over https, I wouldn’t want them to succeed in the attempt.

    I think that a good idea should be to pubblish every contents, over a “pseudonym”, that is a simple fake user, as a nonexistent user, instead of hide totally the publisher name.

    Thus, it would become impossible to trace the real username for the attackers.

    What do you think about?
    Is this functionality need to install a specific one plugin for this purpose?

    Many thanks!

Viewing 2 replies - 1 through 2 (of 2 total)
  • I’d just publish my content under a pseudonym with limited capabilities outside of editing articles if I was worried about that at all.

    Try to never publish as ‘admin’ or a user with admin privileges.

    A better option might be to install WordFence and let it deal with that stuff.

    https://wordpress.org/plugins/wordfence/

    On most of my sites, I install iThemes Security and WordFence together as they work well with each other.

    https://wordpress.org/plugins/better-wp-security/

    One more tip is to install the WordFence Assistant plugin but leave it disabled just in case WordFence locks you out as admin (that might happen here and there).

    https://wordpress.org/plugins/wordfence-assistant/

    You’ll need to activate the Assistant via WP-Cli or some other ‘trickery’ but you’ll have it as needed. A second admin account or a user account that can be promoted via phpMyAdmin is the way I provide for that contingency.

    • This reply was modified 3 months, 1 week ago by JNashHawkins.

    ..Try to never publish as ‘admin’ or a user with admin privileges.

    Well!

    A better option might be to install WordFence

    It is installed for some time

    A second admin account or a user account that can be promoted via phpMyAdmin is the way I provide for that contingency

    Well!

    many many thanks for the tips!

    I’ve open the same question on Wordfence support forum, here: https://wordpress.org/support/topic/fake-user-for-all-content/#post-11898080

Viewing 2 replies - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.