开发者

(drupal 6) how to disable admin login by modify file in server?

开发者 https://www.devze.com 2023-01-28 13:37 出处:网络
In my drupal site, admin user name is admin. Im worried someone brute force this account. I hope when I just logged out using admin user name, I can temporarily disable admin user name by modify som

In my drupal site, admin user name is admin.

Im worried someone brute force this account.

I hope when I just logged out using admin user name, I can temporarily disable admin user name by modify some file in the server th开发者_开发问答rough ssh


You could rename the admin account by going to "user/1/edit" (or using the Users list), and change "admin" to something else. It will still be seen internally as the super-admin account, yet people won't be able to login using the name "admin" even if they try to brute-force it.


I agree with Wildpeaks, but he doesn't really answer your question.

Locking out any user, including the #1 superuser, is easy if you have access to the database, either using mysql over ssh or with a tool like phpmyadmin. To block a user, you need to set the status column to 0. for instance, if you want to block user #1:

UPDATE `users` SET `status` = 0 WHERE `uid` = 1;

This method will prevent the blocked user from logging in and will terminate his current session.


Another way to enable or disable users via SSH: Drush.

drush is a command line shell and scripting interface for Drupal, a veritable Swiss Army knife designed to make life easier for those of us who spend some of our working hours hacking away at the command prompt.

  • Use the command drush user-block 1 to block the admin account.
  • Use the command drush user-unblock 1 to unblock the admin account.


I would go with wildpeaks' suggestion, or set the admin account to 'inactive' if you have another account that you use to do daily administration.

0

精彩评论

暂无评论...
验证码 换一张
取 消