👓 Securing WordPress’s membership settings | Roy Tanck

Read Securing WordPress’s membership settings by Roy Tanck (roytanck.com)
For as long as I can remember, it’s been possible to configure WordPress like this:
Screenshot of WordPress’s membership settings, as found under Settings -> General
In essence, this combination of settings translates to: “Please take my site. No seriously, it’s yours.“. Allowing new users to sign up, and then making them site administrators allows them to completely take over your site.
I’m really surprised that this is not a heavily protected option and can’t think of a reason people would really want to do such a thing.

Published by

Chris Aldrich

I'm a biomedical and electrical engineer with interests in information theory, complexity, evolution, genetics, signal processing, IndieWeb, theoretical mathematics, and big history. I'm also a talent manager-producer-publisher in the entertainment industry with expertise in representation, distribution, finance, production, content delivery, and new media.

Leave a Reply

Your email address will not be published. Required fields are marked *

To respond to a post on this site using your own website, create your post making sure to include the (target) URL/permalink for my post in your response. Then enter the URL/permalink of your response in the (source) box and click the 'Ping me' button. Your response will appear (possibly after moderation) on my page. Want to update or remove your response? Update or delete your post and re-enter your post's URL again. (Learn More)