I am sure most of you guys already know one of many ways to keep your WordPress site secure after installation is to change WordPress admin ID and username.
In most themes, the author name and link to the URL will be displayed by default, although you can remove that, WordPress has the same files, and this is why, it’s easy to track things in the URLs.
Even if you changed the display name, there is still a big problem even if you have changed your Admin username, which is the admin’s ID number, which is by default 1.
Now, you might want to delete the or replace the WordPress Admin ID no 1, create a new Admin user. But this is also very easy to guess, you will definitely have the ID no 2. Even if you create again and again, you will be tired adding the new users after the 10th number.
Export WordPress Database using phpMyAdmin
Plus, if you have pretty permalink, after typing yourdomain.com/?author=1 people will know your login name. You can replace the 1 number with any numbers.
The solution? WordPress Admin ID with a custom number
In my opinion, the only way to get custom ID is creating the custom ID number administrator in phpMyAdmin.
I found this good resource that guided me through the database process. I don’t choose the SQL command line, because I was in doubt that it may break my db, so I choose the knob way, which is manually creating it on the database itself.
What we will basically do:
1. Create many users in our site, and make these users as authors or contributors, see the WP roles and capabilities codex here.
2. Create an admin with a custom ID number
3. We only login with the admin we created on no 1, and apply all post authors to the users on no 2 to actually confuse people who have bad intentions to hack our site.
In this video I am going to show you, first, to change your nickname and display name in public comment or posts, then create WP administrator username and custom ID number via database directly.
Because we want to work with the database, it is very important to backup your database first. Want to know more how to backup the database? This video tutorial shows you how to backup quick your database, and this one to backup automatically with a plugin.
Let’s get started
1. Creating the new Users
1. Login to your dashboard, domain.com/wp-admin
2. Hover on “Users” and select “Add New” button
3. Fill up the forms, make sure following:
a. Puting the email address that you haven’t used in the website.
b. The role should be author or contributor. I recommend author as you can publish the post without waiting to be approved by Admin.
Repeat the process until you have many users as authors and contributors.
2. Creating custom WordPress Admin ID with custom number
1. Access phpMyAdmin.
2. Choosing the right database, if you have many and not sure which one, you can check on wp-config.php.
3. Click on tableprefix_users tables, click on “Insert” button. Replace the tableprefix_ with your table prefix or it’s wp_users if you still have the default one.
Fill up the forms, I use 10209 as my admin ID number (replace my data with your own) and click “Go” once you made database backup and once you’re done with the forms as shown in the pictures.
4. Click on tableprefix_usermeta, and click on “Insert” button again, and fill the forms as following;
1 | a:1:{s:13:"administrator”;s:1:"1";} |
I strongly recommend typing the double quotes in the code manually instead of copy and pasting.
Click “Go” and click “Insert” button again. Fill the forms;
5. Login to your dashboard with this newly created admin user login and password, and edit your profile by hovering the icon on the top right of your dashboard, and select “Edit My Profile” link.
Change some necessary stuff here as you like.
If you still have Admin ID 1 user, then I recommend you to change the role to subscriber or author and not deleting it from “Users” page.
3. Assign your new posts to the authors or contributors we did on the no. 1 above (creating the new users section). Note: never the admin, we will use admin only to login, never to post.
That’s it. Of course, this is not the only one we can secure our blogs, but one of the many ways we can do to protect our websites, share your experience 🙂