I think if you are working in the WordPress world it helps to be paranoid. ;-) That&#39;s why I&#39;m working with Drupal and gave up searching for answer to this question myself.  <div><br></div><div>Steve<br><br><div class="gmail_quote">

On Tue, Jan 29, 2013 at 8:19 AM, Earnie Boyd <span dir="ltr">&lt;<a href="mailto:earnie@users.sourceforge.net" target="_blank">earnie@users.sourceforge.net</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">

<div class="im">On Mon, Jan 28, 2013 at 10:41 PM, Steve Wickham<br>
&lt;<a href="mailto:steve@wickwoodonline.com">steve@wickwoodonline.com</a>&gt; wrote:<br>
&gt; &gt;From what I understand, in the WordPress world it is a fairly common thing<br>
&gt; to change the path of the user login page in order to harden the site<br>
&gt; because this helps prevent bots from finding the login page in the first<br>
&gt; place.  The other thing that is commonly done is to change the preassigned<br>
&gt; admin username to something else.<br>
&gt;<br>
&gt; I myself have wondered about how this might be done with Drupal, and have<br>
&gt; never found an answer.  Although to be honest, i never looked that hard.  So<br>
&gt; if you do find the answer, or if someone knows the answer to this, please<br>
&gt; post it back here.<br>
<br>
</div>It can be done but you have to study the hooks system of the API.  But<br>
setting user registration to admin only and removing the login block<br>
should be sufficient.  Changing /user is a bit on the paranoid side.<br>
<span class="HOEnZb"><font color="#888888"><br>
--<br>
Earnie<br>
-- <a href="https://sites.google.com/site/earnieboyd" target="_blank">https://sites.google.com/site/earnieboyd</a><br>
</font></span><div class="HOEnZb"><div class="h5">--<br>
[ Drupal support list | <a href="http://lists.drupal.org/" target="_blank">http://lists.drupal.org/</a> ]<br>
</div></div></blockquote></div><br></div>