SEO (Search Engine Optimization)
Mobile App Graphics
PDF Conversion from other formats
Website Redesign & Overhaul
As we continue our blog posts for WordPress safety tips in honor of Cyber Security Month, we will discuss the biggest mistake many WordPress site owners make when setting up their site: using “admin” as the username for the WordPress administrator account. This mistake is so common that many hackers take advantage of this; hackers usually try to hack WordPress sites for their administrator accounts simply by trying break into accounts called “admin”. The best thing to do is create a unique username for your administrator account that no one will be able to figure out, thus adding an extra layer of security to your site. Remember, there is no true and tested way to make your WordPress 100% hacker proof but you should always try to implement best security practices to ensure security.
When you were setting up your WordPress site, you may have used some sort of self-installer provided by your hosting provider which generated an administrator account called “admin” by default. If you are given the option to create the username for the administrator account, make sure you use something that does not contain the word “admin” and of course do not simply use “admin” as the username. In the WordPress dashboard, sign in to the administrator account and hover over the “Users” tab on the left hand side and then click “Your Profile”; here you will be able to check and see what your administrator account’s username is. You may notice that next to the username field, it will say “Usernames cannot be changed” and the box is greyed out and disabled; this does not mean you cannot change the username. If you are using “admin” for the administrator account’s username already, do not fear as we will go over how to change it manually with PhpMyAdmin. You should be able to access PhpMyAdmin through the dashboard of your hosting provider, who you may want to consult with if you cannot find access to PhpMyAdmin (dashboards vary depending on your provider).
Refer to the image below for the steps on changing your administrator account’s username:
Remember to ensure that the administrator account’s new username does contain the word “admin” or “administrator”; it should be unique to you. If possible, avoid sharing the administrator account with other people; you can always add another administrator account for other users who maintain and manage your site. Last week, we wrote a post about security plugins (you can check it out here); one of the plugins we covered was iThemes Security which allows you to also change the login page’s URL. We recommend also changing the login URL from “wp-admin” to something that only you would know; this also helps keep unauthorized users out of the administrative area of your site.
© 2018 Creativity Design Group. All Rights Reserved.