Wordfence did not block ?author=x | WordPress.org

Resolved ataub2qf
(@ataub2qf)

9 years, 2 months ago

I am using Wordfence 5.3.6 and the option “Prevent discovery of usernames through ‘?/author=N’ scans” is enabled.

However today I found a lot of 404s for urls like /?author=5 which also display the information of this user. The funny thing is that the ids 1 and 2 redirected to / while 3 and 4 exposed the user information.

Viewing 2 replies - 1 through 2 (of 2 total)

WFBrian
(@wfbrian)

9 years, 2 months ago

I’ll pass this along to have investigated.

Thanks,
Brian

WFSupport
(@wfsupport)

8 years, 10 months ago

This should be fixed now.
It redirects to the home page when tried.

tim

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Wordfence did not block ?author=x’ is closed to new replies.

In: Plugins
2 replies
3 participants
Last reply from: WFSupport
Last activity: 8 years, 10 months ago
Status: resolved