Stop User Enumeration in WordPress

This tutorial explains how to block user-enumeration scans in WordPress. As explained in greater depth here, user enumeration happens when some malicious script scans a WordPress site for user data by requesting numerical user IDs. For example, requests for author=1 through some number, say, author=1000, may reveal the usernames for all associated users. With a simple enumeration script, an attacker can scan your site and obtain a list of login names in a matter of seconds. Continue reading »

Welcome

Perishable Press is operated by Jeff Starr, a professional web developer and book author with two decades of experience. Here you will find posts about web development, WordPress, security, and more »

GA Pro: Add Google Analytics to WordPress like a pro.

Thoughts

I disabled AI in Google search results. It was making me lazy.

Went out walking today and soaked up some sunshine. It felt good.

I have an original box/packaging for 2010 iMac if anyone wants it free let me know.

Always ask AI to cite its sources. Also: “The Web” is not a valid answer.

All free plugins updated and ready for WP 6.6 dropping next week. Pro plugin updates ~~in the works~~ also complete :)

99% of video thumbnail/previews are pure cringe. Goofy faces = Clickbait.

RIP ICQ

+ More thoughts »

Topics

Find me on the social medias

Around the site

WordPress help

Wizard’s SQL Recipes (eBook)
The Tao of WordPress (eBook)
Digging Into WordPress (eBook)
Develop WordPress themes (eBook)
WordPress on shared hosting (video tutorials)

Favorite projects