WordPress security: Hide login error messages

September 14, 2009 at 9:42 am

Theses days, there’s a lot of talk about WordPress security due to recent issues. Is your blog secure? Here is a quick tip that you can easily implement to prevent displaying useful message to potential blog hackers.

When you (or someone) try to login on your blog, but fails, WordPress display a message to let you know what happened. Sure, it may be useful to you, but it is for sure also useful to potential blog hackers.

To remove theses messages, simply open your functions.php file and paste the following code:

add_filter('login_errors',create_function('$a', "return null;"));

That’s all. No more error messages!

Thanks to Ryan Imel for this great tip!