Title: Super Simple Account Enumeration Blocker Author: Paul Gilzow Published: April 14, 2017 Last modified: April 17, 2017 --- Search plugins This plugin **hasn’t been tested with the latest 3 major releases of WordPress**. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress. ![](https://s.w.org/plugins/geopattern-icon/super-simple-account-enumeration-blocker. svg) # Super Simple Account Enumeration Blocker By [Paul Gilzow](https://profiles.wordpress.org/gilzow/) [Download](https://downloads.wordpress.org/plugin/super-simple-account-enumeration-blocker.zip) * [Details](https://wordpress.org/plugins/super-simple-account-enumeration-blocker/#description) * [Reviews](https://wordpress.org/plugins/super-simple-account-enumeration-blocker/#reviews) * [Development](https://wordpress.org/plugins/super-simple-account-enumeration-blocker/#developers) [Support](https://wordpress.org/support/plugin/super-simple-account-enumeration-blocker/) ## Description After speaking at WordCamp St. Louis 2017 [http://wordpress.tv/2017/03/29/paul-gilzow-access-denied-keeping-yourself-off-an-attackers-radar/](http://wordpress.tv/2017/03/29/paul-gilzow-access-denied-keeping-yourself-off-an-attackers-radar/), I was asked if I could bundle the code I demo’ed in the talk into a plugin for people who aren’t as comfortable writing their own code. As its name implies, it is super simple. There are no settings. The entire codebase is contained in one file, and for the most part is about 20 lines of code in length. It is fully commented and I encourage you to look at the code to see what it does instead of blindly trusting it. Specifically, this plugin: * removes the redirection of a request from /?author =# to an author’s pretty permalink * changes author pretty permalinks to /?author =# * changes author feed pretty permalinks to /?author=#&feed= * removes author slug property from user response object for user endpoint in the REST API * removes overly informative error message when login attempt fails Rememer: this plugin, _by itself_, will not protect your site from being compromised. However, it can be an important layer of defense when used in a multilayer, defense- in-depth security strategy. ### Help and Support Please post questions, request for help to the WordPress plugins forum or email [ssaeb@gilzow.com](https://wordpress.org/plugins/super-simple-account-enumeration-blocker/ssaeb@gilzow.com?output_format=md). Please be sure to include ‘ssaeb’ in the subject line. ### TO-DO’s Keep adding ways to block enumerations. ## FAQ What version of PHP is required? PHP 5.3 and newer. Where are the settings? There aren’t any. Adding settings would make it not simple! 😉 ## Reviews There are no reviews for this plugin. ## Contributors & Developers “Super Simple Account Enumeration Blocker” is open source software. The following people have contributed to this plugin. Contributors * [ Paul Gilzow ](https://profiles.wordpress.org/gilzow/) [Translate “Super Simple Account Enumeration Blocker” into your language.](https://translate.wordpress.org/projects/wp-plugins/super-simple-account-enumeration-blocker) ### Interested in development? [Browse the code](https://plugins.trac.wordpress.org/browser/super-simple-account-enumeration-blocker/), check out the [SVN repository](https://plugins.svn.wordpress.org/super-simple-account-enumeration-blocker/), or subscribe to the [development log](https://plugins.trac.wordpress.org/log/super-simple-account-enumeration-blocker/) by [RSS](https://plugins.trac.wordpress.org/log/super-simple-account-enumeration-blocker/?limit=100&mode=stop_on_copy&format=rss). ## Changelog #### 1.0 Initial Release ## Meta * Version **1.0.0** * Last updated **9 years ago** * Active installations **Fewer than 10** * WordPress version ** 2.2 or higher ** * Tested up to **4.7.33** * Tags * [security](https://wordpress.org/plugins/tags/security/)[user enumeration](https://wordpress.org/plugins/tags/user-enumeration/) [wpscan](https://wordpress.org/plugins/tags/wpscan/) * [Advanced View](https://wordpress.org/plugins/super-simple-account-enumeration-blocker/advanced/) ## Ratings No reviews have been submitted yet. [Your review](https://wordpress.org/support/plugin/super-simple-account-enumeration-blocker/reviews/#new-post) [See all reviews](https://wordpress.org/support/plugin/super-simple-account-enumeration-blocker/reviews/) ## Contributors * [ Paul Gilzow ](https://profiles.wordpress.org/gilzow/) ## Support Got something to say? Need help? [View support forum](https://wordpress.org/support/plugin/super-simple-account-enumeration-blocker/)