WordPress Security Tip – Limit Unwanted Users

December 1, 2013
Rachel Avery Conley


I have a lot of opinions about WordPress Security. Backup often! (and in multiple places!) Use Akismet for Spam!
This is a quick tip for making sure that unwanted users can’t register on your blog and use it for hacking or spamming. It’s just an innocent checkbox that lives in the General part of the WordPress settings tab in the sidebar of your dashboard. If it is checked, it will allow anyone to register as a user, and anyone will. Robots exist that troll around the internet looking for WordPress blogs that have this boxed checked. Then they register. Then they do a myriad of things with those account. Mostly they try to hack into your site to do REALLY bad things. I have worked with individuals that have beautiful WordPress websites, but had this box checked and receive HUNDREDS of new user notifications in their email each day. That alone is a reason to make sure it is not checked.

Now it exists because some sites have functionality that may need that ability. If you are a photographer or a creative professional and you are using your website as a portfolio with a blog element, you don’t need it. So go check it out, well I mean uncheck it… wait. Oh, just go see what your settings hold!

users1 users2