I think if you are working in the WordPress world it helps to be paranoid. ;-) That's why I'm working with Drupal and gave up searching for answer to this question myself. <div><br></div><div>Steve<br><br><div class="gmail_quote">
On Tue, Jan 29, 2013 at 8:19 AM, Earnie Boyd <span dir="ltr"><<a href="mailto:earnie@users.sourceforge.net" target="_blank">earnie@users.sourceforge.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div class="im">On Mon, Jan 28, 2013 at 10:41 PM, Steve Wickham<br>
<<a href="mailto:steve@wickwoodonline.com">steve@wickwoodonline.com</a>> wrote:<br>
> >From what I understand, in the WordPress world it is a fairly common thing<br>
> to change the path of the user login page in order to harden the site<br>
> because this helps prevent bots from finding the login page in the first<br>
> place. The other thing that is commonly done is to change the preassigned<br>
> admin username to something else.<br>
><br>
> I myself have wondered about how this might be done with Drupal, and have<br>
> never found an answer. Although to be honest, i never looked that hard. So<br>
> if you do find the answer, or if someone knows the answer to this, please<br>
> post it back here.<br>
<br>
</div>It can be done but you have to study the hooks system of the API. But<br>
setting user registration to admin only and removing the login block<br>
should be sufficient. Changing /user is a bit on the paranoid side.<br>
<span class="HOEnZb"><font color="#888888"><br>
--<br>
Earnie<br>
-- <a href="https://sites.google.com/site/earnieboyd" target="_blank">https://sites.google.com/site/earnieboyd</a><br>
</font></span><div class="HOEnZb"><div class="h5">--<br>
[ Drupal support list | <a href="http://lists.drupal.org/" target="_blank">http://lists.drupal.org/</a> ]<br>
</div></div></blockquote></div><br></div>