How to quickly anonymise the users of a WordPress website

Written by Mark Langdale

20 July 2021

If you’re a web developer working across a number of WordPress client projects, you’re probably all too familiar with having to create and update localhost or staging versions of the live systems you work on. It’s something we do all the time ourselves.

One of the issues with pulling down live databases to use for development is that they can contain lots of user data. Particularly so if it’s something like an LMS or eCommerce platform. So you’ve got to be extra careful. You don’t want to be in that nightmare scenario where your staging platform inadvertently sends out “Testy McTest Email” to 5000 users!

You could simply delete all of the users from the database, but sometimes it’s useful to have some realistic test accounts to enable your staging platform to simulate the live one as closely as possible.

To help with this we’ve created a simple script, which you can download and use from the link below. There’s nothing sophisticated about it really. It simply takes all of the users on your website and replaces their key user details with randomly generated ones. So John Smith on your live site now becomes Tabatha McReary with a fake ( email address.

To use it, simply download the anonymise-users.php file and add it to the root directory of your WordPress installation. Then go to <<Your site URL>>/anonymise-users.php. After a few seconds, the users of your site should be updated with dummy details and their password will be reset to Test1234.

There are a few things to point out:

  • Use the script at your own risk. It goes without saying that you would never want to use this on a live system, so be careful not to accidentally include it in your Git repo!
  • While the script will replace things like first name, last name, username, email address – if your platform has other bits of user meta (such as address), then these will not be edited.
  • By default, the script will anonymise all users who aren’t either “Administrators” or “Editors”. To add roles to exclude, simply add them to the list on line 27 of the script.

If you find this useful please share and let us know in the comments.


Submit a Comment

Your email address will not be published. Required fields are marked *

Other blog posts you may be interested in…