Change url somehow for admin’s profile?
-
Hi,
As part of security for WP, I think it’s a good idea to keep admin’s info away from any visitors when possible. I.e. don’t use “Admin” for the admin login, but a custom one. I have done this on my site in question, but obviously now with BP installed, someone hovers over my name and goes to my profile and can easily see what my admin username is. They can even see it just in the URL, so disabling view of a username via conditionals won’t work either. Even if I do a redirect from that URL to the main page, well, they still see it on the link when hovered over.. http://domain.com/members/adminexamplename/ And also, I would want people to visit the admin profile anyways, just to see the forum posts, etc.
Does anyone have any ideas? Thanks.
-
Well… I’m running a site that the members would like to know the admin is active on… responding to questions, posts, etc. It would be like coming here and finding the developers never talk on the forums. So, it’s simple… Someone knows 1/2 of the equation to enter my admin account. Just like on here, I know 1/2 the equation to get into your account. I’m not a hacker by any means, but there are others out there who like to do malicious things to sites just for the hell of it. I have customers involved, so if someone hacks my site, that makes me look very bad. That’s all. I just thought I would ask.
I know in a response you mentioned googling methods to help secure WP. Well, I know from several years ago about making a database edit to the username for the original admin. This was before you could choose the first admin’s username. This made very good sense to me now because now its like you almost need 2 passwords. But now, with the way this is all implemented in BP, and without a work around, changing “admin” to something else is useless.
The only other thing I can think of would be to just make another account that is an Editor or similar role and only do posts on that. This way they won’t be able to access things like user info, etc.
Didn’t mean for this to blow up, just thought there might be a simple function to call. thats all
Thanks for the interest.Figured it out:
Hopefully this doesn’t break anything, but i’ve tested it with profiles and it works.
I looked in the database and changed my specific admin account’s “nicename”… the nicename is there i’m pretty sure for exactly that, a name that plays nice with URLs.
I’ve made the nicename into ‘adminexample’ while my login remains the same. On the members listings, my url for my profile is ‘adminexample’.Success! I think. Does anyone have any ideas why a user’s login and nicename would need to be excactly the same?
[Edit: just thought of one… If another user makes an account with “adminexample” we could have issues ]
Finding from Edit:
Success! I created a new account with the “adminexample” as the username (same as the admin’s account nicename) and it simply created a /members/adminexample-2/ for the profile page. Awesome.
Now, having figured this out, it doesn’t seem unreasonable for this to be somehow integrated into BP core, but I do realize this could mess up a lot of other plugins. Guess that’s why I’m not a big time developer.
Enjoy if this helps you.
- The topic ‘Change url somehow for admin’s profile?’ is closed to new replies.
