I would like to pass on a website to a client, but he is not paying for the CMS backend.

Could I just remove the wp-admin Folder and just use the front-end of wordpress?

Could there go something wrong by doing this?

Is there a better way of disabling the backend CMS?

I would like to pass on a website to a client, but he is not paying for the CMS backend.

Could I just remove the wp-admin Folder and just use the front-end of wordpress?

Could there go something wrong by doing this?

Is there a better way of disabling the backend CMS?

• wp-admin

Share Improve this question asked Jan 5, 2016 at 9:51 pixelcrashpixelcrash 111 bronze badge

Add a comment  | 

4 Answers 4

Sorted by: Reset to default 1

This sounds like is a really bad idea. Like selling a car without the car keys!

If you delete the wp-admin folder, the site will not might not work due to PHP errors.

Many sites depend on ajax through /wp-admin/admin-ajax.php.

You will also not be able to update such an install in a meaningful way.

Hand instead the theme or plugin to your client - don't modify or delete parts of the WordPress core.

That definitely sounds like a bad idea. I would recommend just not giving them access to the back end. If they have no username then they basically don't have wp-admin, but you haven't risked breaking anything.

iThemes Security allows for renaming of the admin / login routes. This is an easy way to hide (and protect) your website.

iThemes Security: https://wordpress/plugins/better-wp-security/

To block non-admin users from getting into wp-admin, you just need to add the following code to your functions.php:

 add_action( 'init', 'blockusers_init' );

 function blockusers_init() {
    if ( is_admin() && ! current_user_can( 'administrator' ) && 
! ( defined( 'DOING_AJAX' ) && DOING_AJAX ) ) {
        wp_redirect( home_url() );
        exit;
    }
}

Now, only administrator users can access wp-admin, everyone else will be re-directed to the homepage.

Make a HTML version of your site and give them that. Then your site will not be wordpress and they will not have a CMS. There will be ways around the other solutions

1) Site without the wp-admin folder - they can get their own wp-admin from repository and brute force the admin login.

2) @mrben522 Dont give them codes to admin - they can brute force the login.

3)@birgire give them the theme - this is the CMS section. They download wordpress and have their CMS for free.

4)@Liam Stewart - ithemes actually stops people getting in so this should be a good solution. But if they get access to the DB, and they would have access to FTP - they can just turn it off.

So the only way to give them a site that is not CMS would be HTML only, which you can make from your wordpress site in many ways. PLugins, crawlers etc. search google