I think if you are working in the WordPress world it helps to be paranoid. ;-) That's why I'm working with Drupal and gave up searching for answer to this question myself.
Steve
On Tue, Jan 29, 2013 at 8:19 AM, Earnie Boyd earnie@users.sourceforge.netwrote:
On Mon, Jan 28, 2013 at 10:41 PM, Steve Wickham steve@wickwoodonline.com wrote:
From what I understand, in the WordPress world it is a fairly common
thing
to change the path of the user login page in order to harden the site because this helps prevent bots from finding the login page in the first place. The other thing that is commonly done is to change the
preassigned
admin username to something else.
I myself have wondered about how this might be done with Drupal, and have never found an answer. Although to be honest, i never looked that hard.
So
if you do find the answer, or if someone knows the answer to this, please post it back here.
It can be done but you have to study the hooks system of the API. But setting user registration to admin only and removing the login block should be sufficient. Changing /user is a bit on the paranoid side.
-- Earnie
-- https://sites.google.com/site/earnieboyd
[ Drupal support list | http://lists.drupal.org/ ]