Creating a WordPress User when you don’t have an existing admin login to use
Posted on August 3, 2015
A long time ago we wrote a post on how to insert yourself into WordPress as an admin that has been very popular.
Just to be clear, this won’t help you hack a WordPress site. You have to have some kind of server level access to make use of any of these, but in our work we often have scenarios where we only have access to a server.
There are 3 quick ways to create a WordPress user from outside the WordPress dashboard.
Creating a WordPress user with WP CLI USER CREATE
My new favorite way is using WP CLI. This requires that WP CLI is installed on the server, but recently WP Engine started rolling out WP-CLI Support to Select Partners for Beta Testing.
It’s not just a WP Engine thing though, a few other hosts provide WP CLI support via shell access and if you’re running on your own server you can install it. You’re not likely to be able to install this yourself on shared hosting.
Assuming you do have access to WP CLI it’s as easy as SSH’ing into your server or using the WP Engine portal, and typing
wp user create name [email protected] --role=administrator
You can specify a password with –user_pass=”Password!” or if you don’t it’ll create a random and very secure password for you!
Create a WordPress user via MySQL
If you don’t have SSH access and WP CLI already installed the next quickest way is to insert a user via MySQL.
Here is the code snippet you can use,
SET @user_login := '9seeds';
SET @user_pass := 'muDAy2CUcTcuPnyCBXfqJysD';
SET @user_email := '[email protected]';
INSERT INTO `wp_users`
(`user_login`, `user_pass`, `user_email`, `user_registered`)
VALUES
(@user_login, MD5(@user_pass), @user_email, now());
SELECT @user_id := LAST_INSERT_ID();
INSERT INTO `wp_usermeta`
(`user_id`, `meta_key`, `meta_value`)
VALUES
(@user_id, 'wp_capabilities', 'a:1:{s:13:"administrator";b:1;}');
INSERT INTO `wp_usermeta`
(`user_id`, `meta_key`, `meta_value`)
VALUES
(@user_id, 'wp_user_level', '10');
Most hosts include PHPMyAdmin so you can just jump into there, select the database you want to insert a user into, then go to the SQL tab and paste this code in. Don’t forget to edit the values on the first three lines before clicking the Go button to run the SQL query.
Create a WordPress user via FTP
This used to be my favorite way because often all the access I was given to a site was FTP access and I was less comfortable with MySQL then I am these days.
You simply FTP to root directory of the site you need access to and create a new empty PHP file (or just “duplicate” an existing file and clear it out, that’s fine too).
Open up the file and insert the PHP code below. Again be sure you change the user, pass, and email values and save the edits to the file. Then, visit the file in
Once you’ve run the file once you should delete the file just to be safe.
<?php
/**
* Script to create administrator user in WordPress
*
* @package none
* @link https://9seeds.com/creating-a-wordpress-user-when-you-dont-have-an-existing-admin-login-to-use/
*/
$s9_password = 'PASSWORD';
$s9_username = '9seeds';
$s9_email = '[email protected]';
if ( 'PASSWORD' === $s9_password ) {
die;
}
require_once 'wp-blog-header.php';
if ( ! username_exists( $s9_username ) && ! email_exists( $s9_email ) ) {
$user_id = wp_create_user( $s9_username, $s9_password, $s9_email );
if ( is_int( $user_id ) ) {
$wp_user_object = new WP_User( $user_id );
$wp_user_object->set_role( 'administrator' );
echo 'Success!';
} else {
echo 'Error with wp_insert_user. No users were created.';
}
} else {
echo 'This user or email already exists. Nothing was done.';
}
That is it! 3 fairly easy ways to create a WordPress user when you don’t already have administrator level access to the WP dashboard.
