题
I wonder if there is a way of disable user-registrations completely? I have a client that is really in no need of adding users. For me that would be an extreme measure of security. Of course I must be able to add users through code or similar.
Is there a way of achieving this?
解决方案
You can disable your user-registration by routing to Settings > General and then do the following:
Search a checkbox that says “Anyone can register” Uncheck this, so nobody can register on your blog. Now when someone accesses the login page, there will no longer be a “Register” link they can use.
http://www.netwebbing.com/wordpress-user-registration-disable/
Also if you still want a registration page, that's kind of secure. Look at the following:
其他提示
Tried to find a plugin / SO answer to disable user registration completely (as in: prevent bots from registering accounts when Anyone can register is unchecked).
Couldn't find any, so I made this plugin.
Besides disabling checkbox Settings > General > Anyone can register, you may want to add a simple mod_rewite to your .htaccess @Andrei Gheorghiu is right, Hiding the link to the script does not hide/disable the script.
So, something like that will prevent spam boots to register, return a '403 access denied', and keep your logs lighter
https://stackoverflow.com/questions/22500466
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{THE_REQUEST} ^.*(wp-login.php\?action=register).* [NC]
RewriteRule ^(.*)$ - [F,L]
</IfModule>
Didn't want to install an extra plugin if there was a simple way around this (and it felt like there was one).
I simply followed the PHP logic that handles registration, and it seemed to point to a single script:
wp-signup.php
I renamed that script, and I am confident there won't be more attacks. I'll update this post in a couple of weeks.
Another gaping loophole for account creation that I found on our site was created by WooCommerce.
There is an option under:
WooCommerce Settings
Accounts & Privacy
Allow customers to create an account on the "My account" page
And the default (at least for us) was to have it on.
Another option -- if you just want to update via DB change:
update wp_options set option_value=0 where option_name="users_can_register";
It is actually really easy to find:
source: https://www.competethemes.com/blog/disable-user-registration-wordpress/
