Prevent admin from deleting other admin

I believe all delete actions through the admin panels use the wp_delete_user() function to do this task. Thus you could hook the ‘delete_user’ action and if your user ID shows up, simply die(). This will make it virtually impossible to delete your user with this function.

Mind you, all this does is prevent accidents and make it a fair bit harder to delete your user. An admin could easily write some code and successfully delete your user still, it is their capability as admin to delete other users. I could argue that anyone that cannot be trusted to not delete other admins should not be admin themselves ?? But no, I get it. Theory and practice rarely mesh together.

It should be possible to restructure the capabilities so that admins cannot delete other admins, only lesser users. A created super user role would be needed to be able to delete any user. You would hook the same action to check for these custom capabilities. But again, if an admin can activate or edit plugins or themes, they can install custom code to do their bidding.

One last thing, the delete option will still appear under your user in the users table, it just will not work. It’s possible to suppress the option from showing. I’m less certain you can prevent the check box from working, which would make it appear they could bulk delete your user. (they can’t)

Thank you for your detailed answer. The thing is that I would like to provide my client with full functionality since he requests full independence with his site. On the other hand I would like to have a point of security for clients that do not pay in time etc. Anyway, I will check your findings.

Thanks again!

If you are comfortable editing the database, it’s always possible to remove admin privileges from one user and/or give admin privileges to another.