I recently found the answer to this problem. Basically you edit your .htaccess file to include the following line: –
RewriteRule ^author/(.*)$ https://www.[your domain URL]/ [R,L]
This prevents people from entering: –
https://www.[your domain]/?author=1 …?author=2 etc. This will reveal the author’s username but the .htaccess rule will redirect them to the home page.
The discussion that provided that answer can be found here: –
wp security checklist
