Test conducted with WP stable version WP 3.8.2 and also with WP 3.9RC1
Renaming wp-content still not working. since the plugin fail to write four lines of snippet on wp-config.php. Earlier mentioned the same bug at http://wordpress.org/support/topic/bugs-in-ithemes-security-v400-to-v4012?replies=3
Module for default Admin user name and its ID in the version 4.0.19 is some what near perfect. But still need little bit tweaking on this. If WP installed without default Admin user with ID=1, then this module still require to check first box then it show ID box to select. Non-default user associated with admin id=1, requires separate verification. In this context, only one change required for user id from 1 to other. But still this module doesn’t provide complete protection if automated bot or manual search do for User enumeration. Even if plugin changes the user id from 1, it actually change to either 2 or recently added user id+1. But this feature or module will not stop user enumeration.
I hope plugin author’s will adopt rewrite rule for blocking “User Enumeration”. It means a complete rewrite of this module is required instead of continuing the existing module to change id form 1 to 2 or other.
Recently we found that from linode.com’s IP range, they did “User Enumeration” to hack one of our sites. I don’t understand why these reputed organization also hacking with user enumeration. So, I request plugin authors try to implement rewrite rule set on .htaccess to block “user enumeration”
- The topic ‘Renaming wp-content still not working with 4.0.19 too’ is closed to new replies.