Aquesta extensió no s’ha provat en les darreres 3 versions majors del WordPress. Segurament no està mantinguda o suportada, i pot tenir problemes de compatibilitat quan s’usa en versions recents del WordPress.

Disable User Enumeration

Descripció

User enumeration can be use for brute-force techniques to either guess or confirm valid users in a system. User enumeration is often a web application vulnerability, though it can also be found in any system that requires user authentication.

An enumeration attack allows a hacker to check whether a name exists in the database. For example, to set up a brute-force attack, rather than searching through login and password pairs, all they need is a matching password for a verified user name, saving time and effort.

The phrase “username harvesting” refers to a vulnerability that when exploited allows people or programs interacting with an application to determine what a valid username is vs an invalid username.

**You can check your site have user enumeration by simply type https://selectedfirms.co/wp-json/wp/v2/users that’s it. **

Features:

  1. We only disable for non logged in users.
  2. You can deactivate with single click. No extra configuration required.
  3. Something else about the plugin

Captures

  • Activate plugin.
  • Restriction applied on username.

Instal·lació

Either using the dashboard ‘Add Plugin’ feature to find, install and activate the plugin

  1. Download and the plugin from the download link
  2. Upload the entire plugin directory to your website’s /wp-contents/plugins/ using a file manager or FTP
  3. Activate the plugin through the Plugins menu

PMF

How to check plugin works?

You just need to run in browser to verify <youdomin.com>/wp-json/wp/v2/users.

I have active plugin, why its still display user data in response.

Just double check to make sure, you are not logged in. This plugin won’t do anything for logged in users, it only works when you are logged out.

What about settings?

There are no settings required. We are focus on only user enumerations. Only activation is enough.

Is it change anything in database?

Plugin is work standalone. Its not required any database operations.

Ressenyes

No hi ha ressenyes per a aquesta extensió.

Col·laboradors i desenvolupadors

«Disable User Enumeration» és programari de codi obert. La següent gent ha col·laborat en aquesta extensió.

Col·laboradors

Registre de canvis

0.1

  • Initial release.