• Resolved gabolonte

    (@gabolonte)


    Hello all, first time here

    For some time now I have been using the Limit Login Attempts plugin (https://devel.kostdoktorn.se/limit-login-attempts), which reports to me every blocked IP address that was guessing passwords on my site. You can bet 99% of the time admin was the username bots were attacking, but this time I found that some IP from France was trying to brute-force a custom username, one created by me that is not public in any way.

    Since this is happening on a special site which I modified to not include any mention of the posts’ authors (removing things like meta property=”article:author”, for example), I wonder how this is possible. Can anyone tell me which known methods are available for guessing a WP username, and could they be mitigated?

Viewing 2 replies - 1 through 2 (of 2 total)
  • Any evidence in your log files of a script trying to enumerate users? I occasionally see hits in my logs from the WPScan script (or similar) looking for user names. Some basic info – link goes to Google – enumerate wordpress users

    The requests in the logs will end in something similar to this: /?author=1, and often incremented from 1 to 10. That might be a possible explanation.
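
The log check suggested in the reply above, as an added example (not code from the thread or from any plugin): it scans combined-format access log lines for `?author=N` requests and reports clients that walk several IDs. The sample lines, the `min_ids` threshold and the function names are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines in Apache/nginx "combined" format (documentation IPs).
SAMPLE_LOG = """\
203.0.113.7 - - [12/Mar/2015:10:01:01 +0000] "GET /?author=1 HTTP/1.1" 301 0 "-" "scanner"
203.0.113.7 - - [12/Mar/2015:10:01:02 +0000] "GET /?author=2 HTTP/1.1" 301 0 "-" "scanner"
203.0.113.7 - - [12/Mar/2015:10:01:03 +0000] "GET /?author=3 HTTP/1.1" 404 0 "-" "scanner"
198.51.100.4 - - [12/Mar/2015:10:02:00 +0000] "GET /?p=12&author=1 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.9 - - [12/Mar/2015:10:03:00 +0000] "GET /?s=author=1 HTTP/1.1" 200 900 "-" "Mozilla/5.0"
192.0.2.50 - - [12/Mar/2015:10:04:00 +0000] "POST /wp-login.php HTTP/1.1" 200 1200 "-" "Mozilla/5.0"
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')

def author_probes(log_text):
    """Map client IP -> {author_id: HTTP status} for requests carrying ?author=N."""
    probes = defaultdict(dict)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ip, _method, target, status = m.groups()
        # Parse the query string so "?s=author=1" (a search term) is not counted,
        # which a plain substring match on "author=" would get wrong.
        for value in parse_qs(urlsplit(target).query).get("author", []):
            if value.isascii() and value.isdigit():
                probes[ip][int(value)] = int(status)
    return probes

def find_enumerators(log_text, min_ids=3):
    """Return (ip, author_ids, redirected_ids) for clients probing >= min_ids IDs."""
    findings = []
    for ip, hits in sorted(author_probes(log_text).items()):
        if len(hits) >= min_ids:
            # Assumption: a 3xx answer is WordPress's redirect to the author
            # archive URL, which contains that user's slug.
            redirected = sorted(i for i, s in hits.items() if 300 <= s < 400)
            findings.append((ip, sorted(hits), redirected))
    return findings

if __name__ == "__main__":
    for ip, ids, redirected in find_enumerators(SAMPLE_LOG):
        print(f"{ip} probed author IDs {ids}; redirect returned for {redirected}")
```

IDs listed as redirected are the accounts whose login-related slug was most likely disclosed, so those are the usernames to watch for in the login-attempt reports.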

    Thread Starter gabolonte

    (@gabolonte)

    Wow, I was not inclined to think that it was so easy to do. I think I failed in searching for this because I was missing one important keyword: Enumerate

    Thank you for your help, I’ll try with one of the .htaccess based solutions proposed out there to see if I can stop it.

  • The topic ‘Can usernames be guessed by malware?’ is closed to new replies.