Stop User Enumeration

  • Resolved scarlywebs

    (@scarlywebs)


    1 year, 11 months ago

    Hi! I just want to say thanks for the amazing plugin, it’s packed with many great features, and was able to get rid of a few plugins!

    I wanted to ask if is it possible for you to add another section in your plugin that prevents hackers from scanning your site for user login names. I am currently using the plugin called Stop User Enumeration it is linked to the plugin page.

    Please let me know if it will be possible, if not its ok, thanks so much <3

    Also, I am only asking because I see that you have DDOS protection and brute force attack protection so thought maybe could add that as well. ??

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author Bowo

    (@qriouslad)

    @scarlywebs thank you for the nice review!

    Feature request for Stop User Enumeration is noted for now. Looks like some overlap with the existing Obfuscate Author Slug module. If you can check and let me know what’s the difference, that’d be great.

    In general I do plan to implement more security-related features in the future.

    Thread Starter scarlywebs

    (@scarlywebs)

    Hey @qriouslad thanks for the reply, I did notice a few features in the “Stop User Enumeration” they had options like:

    • Blocks user enumeration requests by GET or POST
    • Syslogs a block so Fail2Ban can be used to block an IP
    • Optionally blocks REST API user requests for non-authorized users.
    • Optionally removes author sitemap
    • Optionally removes author from OEMBED
    • Optionally removes numbers from comment authors

    Not sure if your plugin has those same options already embedded in your plugin, but that’s what I noticed what they had.

    One feature I like about yours that the other plugin doesn’t have is that you can obfuscate publicly exposed author page URLs that show the user slugs/usernames.

    And FYI I am not an expert on this stuff, just trying to see what works best for me lol.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Stop User Enumeration’ is closed to new replies.