Following on from the previous article about not making the admin account easy to spot we can apply the same train of thought to a WordPress blog. The majority of blogs on this site have a single author (this blog included). That means it’s safe to assume that the author of all the articles is the user who has admin rights to the blog.
WordPress used to force people to manually add code to the functions.php file, which is attached to every theme, however they must have noticed a lot of people doing it as they’ve now added a nifty toggle switch on the site which you can use to hide the author’s name. Heres how to find it:
- Once logged in to WordPress select “My Site” then “Customize”.
Hiding the author name on blogposts 2. Select “Content Options”.
3. Untick the “Display author” box.
Your posts should now have a blank space where the author used to be shown:
Little tips/tricks like these won’t stop any determined attacker, but remember. The longer someone has to spend getting access to somewhere, the more likely they are to give up before getting what they want.
Urban Security Research 