Follow us on Twitter!
Syndicate content
Login - Register - Latests submissions
Home

users

Disallow odd usernames
Drupal 5.xDrupal 6.x
permalink
Going live Going live
users

It is recommended that you prevent users from registering on your website with some odd usernames like:

  • root
  • admin
  • administrator
  • webmaster

To prevent this from happening:

  • Go to Administer > User management > Access rules > Add rule
  • Set Access type to Deny
  • Set Rule type to Username
  • In Mask type root
  • Click the Add rule button

Repeat this for every username you don't want to be created on your site.

jchatard

Protect user 1
Drupal 5.xDrupal 6.x
permalink
Going live Going live
security, users

It's highly recommended that you protect user with uid 1, i.e. the one who has life and death rights on your Drupal installation.

Disallow user 1 deletion:

Disable user 1:

  • Be sure to have at least one user (other than uid 1) that has the permission administer users from user module.
  • Login with this account (again other than uid 1)
  • Go to Administer > User management > Users
  • Edit user with uid == 1
  • Set Status to Blocked
  • Click Save

Now user 1 can't login to your website. No more risk for password discovery for this account.

Please note that you should check enabled modules code, sometimes they use user 1 to achieve some tasks. And this could break some modules features. So use with caution.

Protect Critical Users module
jchatard