Descripció
User enumeration can be use for brute-force techniques to either guess or confirm valid users in a system. User enumeration is often a web application vulnerability, though it can also be found in any system that requires user authentication.
An enumeration attack allows a hacker to check whether a name exists in the database. For example, to set up a brute-force attack, rather than searching through login and password pairs, all they need is a matching password for a verified user name, saving time and effort.
The phrase “username harvesting” refers to a vulnerability that when exploited allows people or programs interacting with an application to determine what a valid username is vs an invalid username.
**You can check your site have user enumeration by simply type https://selectedfirms.co/wp-json/wp/v2/users that’s it. **
Features:
- We only disable for non logged in users.
- You can deactivate with single click. No extra configuration required.
- Something else about the plugin
Captures
Instal·lació
Either using the dashboard ‘Add Plugin’ feature to find, install and activate the plugin
- Download and the plugin from the download link
- Upload the entire plugin directory to your website’s /wp-contents/plugins/ using a file manager or FTP
- Activate the plugin through the Plugins menu
PMF
-
How to check plugin works?
-
You just need to run in browser to verify <youdomin.com>/wp-json/wp/v2/users.
-
I have active plugin, why its still display user data in response.
-
Just double check to make sure, you are not logged in. This plugin won’t do anything for logged in users, it only works when you are logged out.
-
What about settings?
-
There are no settings required. We are focus on only user enumerations. Only activation is enough.
-
Is it change anything in database?
-
Plugin is work standalone. Its not required any database operations.
Ressenyes
No hi ha ressenyes per a aquesta extensió.
Col·laboradors i desenvolupadors
«Disable User Enumeration» és programari de codi obert. La següent gent ha col·laborat en aquesta extensió.
Col·laboradorsTraduïu «Disable User Enumeration» a la vostra llengua.
Interessats en el desenvolupament?
Navegueu pel codi, baixeu-vos el repositori SVN, o subscriviu-vos al registre de desenvolupament per fisl de subscripció RSS.
Registre de canvis
0.1
- Initial release.