User Enumeration is a method hackers and scanners use to get your username. This plugin stops it.
Even if you are careful and set your blogging nickname differently from your login id, if you are using permalinks it only takes a few seconds to discover your real user name.
This plugin stops user enumeration dead (like in use by WPSCAN), and additionally it will log an event in your system log so you can use (optionally) fail2ban to block the probing IP directly at your firewall, a very powerful solution for VPS owners to stop brute force attacks as well as DDoS attacks.
Since WordPress 4.5 user data can also be obtained by API calls without logging in, this is a WordPress feature, but if you don't need it, this plugin will restrict that too.
Requires: 3.4 or higher
Compatible up to: 4.7.1
Last Updated: 1 week ago
Active Installs: 10,000+
3 of 3 support threads in the last two months have been marked resolved.
Got something to say? Need help?