WordPress.org

Plugin Directory

Test out the new Plugin Directory and let us know what you think.

Stop User Enumeration

User Enumeration is a method hackers and scanners use to get your username. This plugin stops it.

= 1.3.8

Security fix to stop XSS exploit

Also coded so should work with PHP 5.3 - although PHP 5.3. has been end of life for over two years it seems some hosts still use this. This is a security risk in its own right and sites using PHP 5.3 should try to upgrade to a supported version of PHP, but this change is for backward compatibility.

1.3.7

Fix to allow deprecated PHP Version 5.4 to work, as 5.4 seems to still be in common use despite end of life

Note this code wont work on PHP 5.3

1.3.6

Fix PHP error

1.3.5

  • full rewrite
  • Changed detection rules to stop a reported bypass
  • Added detection and suppression of REST API calls to user data
  • Added settings page to allow REST API calls or stop system logging as required
  • Added code to remove numbers from comment authors, and setting to turn that off

1.3.4

  • Simplify code and deal with undefined request and other argument issues

1.3.3

  • Correct issue of undefined index in certain conditions

1.3.2

  • Added donate link to plugin listing

1.3.1

  • code improvement from Thomas van der Westen

1.2.8

  • bug fix to allow comments to use author in url

1.2.8

  • allow comments to use author in url

1.2.7

  • bug fix to POST protection

1.2.6

  • bug fix to POST protection

1.2.5

  • Added protection against bypass using null bytes (thanks to vunerbality identification and solution by cvcrcky )
  • Added protection angainst POST bypass (thanks to vunerbaility identification by urbanadventurer and solution ideas from Ov3rfly and Malivuk )

1.2.4

  • Added code to check whether not admin (to stop admin features failing) and changed trailing slash code to trap situation where not posts are found and user is displayed in title

1.2.3

  • Fixed bug that stopped export in admin

1.2.2

  • Added code to stop bypassing the check when a trailing slash is added

1.2.1

  • minor change to handle a specific php issue with a certain version

1.1

  • added close log
  • corrected call to wp die

1.0

  • first release

Requires: 3.4 or higher
Compatible up to: 4.7.2
Last Updated: 1 month ago
Active Installs: 10,000+

Ratings

4.7 out of 5 stars

Support

3 of 3 support threads in the last two months have been marked resolved.

Got something to say? Need help?

Compatibility

+
=
Not enough data

0 people say it works.
0 people say it's broken.

100,1,1 100,1,1
0,1,0
100,1,1
100,1,1 100,1,1
100,1,1
100,1,1
0,1,0