Feeds

Viewing 10 replies - 1 through 10 (of 10 total)
  • Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    The feed should be at https://example.com/feed, without the ?. Please provide a link to a page on your site where we can see this. Thanks. Note: Your link will be public and we will not later remove it.

    Thread Starter eddyferns

    (@eddyferns)

    Thank you for your reply.

    Feed with ? directs to the Posts page. Basically I need to redirect this to the home page. The Feed page without the ? displays as showing in the link https://quickforget.com/s/8d3b0509111bba1fb13ae211614ac11c

    Secondly the page source reveals the username Ed-admin and the nickname Carlton. Need to remove them.

    Since the website link will remain public I prefer not for security reasons. But the page source code is inside the link https://quickforget.com/s/1628bbff2d9a3b04a3ceabc847bb23de

    Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    UserIDs and/or nicknames are not a security issue.

    The issue here is that you’re using the wrong URL for your feed. It should not be /?feed but /feed/.

    Thread Starter eddyferns

    (@eddyferns)

    Usernames and/or Nicknames has been and always is a security issue due to Brute Force Attack. That is why WordPress recommends changing the default ‘admin’ username in its article https://www.ads-software.com/support/article/brute-force-attacks/

    Regarding Feeds, I am not using them at all. The issue I have as mentioned is the url with the slug ‘feed’ directs to a Post webpage, where Username and Nickname is revealed in the page source code.

    So need to resolve two issues:

    1. Remove Username and Nickname for all Posts and Pages in the page source code.

    2. Redirect the ?feed url to the Home page.

    Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    Here’s a tutorial to disable feeds: https://kinsta.com/knowledgebase/wordpress-disable-rss-feed/

    Thread Starter eddyferns

    (@eddyferns)

    Have tried all possible code including yours to disable feeds before posting this topic. Feeds do get disabled.

    Though /?feed slug has the word ‘feed’ in it simply directs to a Post page and not to the feed page. You can try this slug with any website running WordPress and it will lead you to a Post or a blog page.

    Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    I suppose you could create a special .htaccess rule for that.

    Thread Starter eddyferns

    (@eddyferns)

    Being confirmed that this is not a feed will create that .htaccess rule for it.

    The other part, for removing username from a Post page source code do I need to create a new topic?

    Thanks.

    Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    To remove the name from a post page — you should probably create a child theme that modifies single.php, to remove (or modify) the code that prints out the post meta info. It really depends on your theme.

    Again, there is absolutely no security issue from exposed user names. Check wordpress.tv and look for the “security myth” talks from Aaron Campbell.

    Thread Starter eddyferns

    (@eddyferns)

    Thanks for the tip. Using a child theme already. Will try to figure it out.

    www.ads-software.com suggests otherwise. The point is when the password is weak or gets stolen.

Viewing 10 replies - 1 through 10 (of 10 total)
  • The topic ‘Feeds’ is closed to new replies.