Secure your users with WPMasterToolKit's "Blacklisted Usernames" module
When managing a WordPress site, user account security is a top priority. Using common or easily guessed usernames can be a gateway for attacks. To remedy this problem, we've developed the Blacklisted Usernames for WPMasterToolKit. This module helps you prevent the use of vulnerable usernames and offers a proactive solution for securing your site.
Which plugin can the Blacklisted Usernames module replace?
This module can replace plugins dedicated to managing username restrictions or basic protection against malicious users. Unlike some third-party plugins, which add an unnecessary burden, Blacklisted Usernames is optimized to load only when activated, in keeping with WPMasterToolKit's performance philosophy.
The module's main functions
1. Blocking forbidden usernames
The module incorporates an exhaustive blacklist that prevents the registration or use of usernames considered dangerous. This list includes :
- Generic names such as "admin", "root", "user".
- Names linked to system or technical functions such as "ftp", "server", "database".
- Special characters and strings that could cause vulnerabilities.
Using the WordPress filter illegal_user_logins
the module automatically adds these names to the list of prohibited identifiers.
2. Proactive verification of directors' accounts
The module does more than just block new registrations. It proactively checks existing admin accounts. If an admin account uses a blacklisted username, an alert message is displayed in the dashboard with an option to correct the problem immediately.
3. Secure user name modification
Thanks to an AJAX interface in the administration, administrators can easily change their user name directly from the alert. This process uses a secure nonce to prevent abuse, and guarantees that the new name chosen is valid and unique.
How do I use the Blacklisted Usernames module?
- Activation Activate the module from the WPMasterToolKit interface. Once activated, it will immediately start monitoring usernames.
- Blocking forbidden names Any attempt to register or use a name on the blacklist will be automatically blocked.
- Administrative alerts : If an administrator uses a blacklisted username, a notification will appear in the WordPress interface with a prompt to change the name.
Example of use in code :
If you wish to customize the blacklist, you can use the filter illegal_user_logins
:
add_filter( 'illegal_user_logins', function( $usernames ) {
$usernames[] = 'example';
return $usernames;
});
The technical choices behind this module
1. Optimized performance
We've designed this module to load its PHP classes and WordPress hooks only when activated. This limits its impact on overall site performance.
2. Native WordPress integration
We've taken advantage of existing WordPress hooks (illegal_user_logins
, admin_notices
etc.) for a natural integration that respects WordPress standards.
3. User and administrator protection
The module makes a point of protecting administrators, often the main target of attacks. By combining proactive verification with a simplified process for modifying usernames, it significantly reduces the risks associated with weak credentials.
Conclusion
The module Blacklisted Usernames is an effective solution for strengthening the security of user and administrator accounts on your WordPress site. By preventing the use of vulnerable usernames and making it easy to modify them, it protects your site against common attacks, while remaining lightweight and high-performance.
Adopt this module today and reduce the risks associated with insecure usernames on your site!