Imperative-Ideas

Block username enumeration in WordPress

Oct 2nd, 2014
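# A common first step in attacking a WordPress site is to scan for low-numbered user IDs,
# because a typical Superadmin is user #1 and users 2-10 contain additional high-value accounts.
# This small rule set answers front-end requests carrying ?author=<number> with 403 Forbidden,
# which blocks that form of user enumeration. It covers only the ?author= query; other places
# where WordPress exposes usernames need their own controls.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
# Leave wp-admin alone: the post list there filters by author with the same parameter.
RewriteCond %{REQUEST_URI} !/wp-admin/ [NC]
# Match author=<digits> only as a whole parameter, so names such as coauthor= are not caught.
RewriteCond %{QUERY_STRING} (^|&)author=\d+ [NC]
RewriteRule .* - [F]
</IfModule>
# END block author scans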
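
To confirm the rule is in effect and to see who is probing, the access log can be checked for clients that request several distinct author IDs. The script below is an added example, not part of the original paste; it assumes Apache combined log format, treats `author=<digits>` as a whole query parameter, skips `/wp-admin/`, and uses a hypothetical function name and constructed sample lines.

```python
import re
from collections import defaultdict

# Apache combined log format: client IP, request target, status code.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|HEAD|POST) (\S+) [^"]*" (\d{3}) ')
# author=<digits> as a whole query parameter (assumption of this example).
AUTHOR_RE = re.compile(r'(?:^|&)author=(\d+)', re.IGNORECASE)

# Constructed sample lines using documentation IP ranges, not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [02/Oct/2014:10:00:01 +0000] "GET /?author=1 HTTP/1.1" 301 0 "-" "-"
203.0.113.7 - - [02/Oct/2014:10:00:02 +0000] "GET /?author=2 HTTP/1.1" 403 199 "-" "-"
203.0.113.7 - - [02/Oct/2014:10:00:03 +0000] "GET /?author=3 HTTP/1.1" 403 199 "-" "-"
198.51.100.20 - - [02/Oct/2014:10:05:00 +0000] "GET /wp-admin/edit.php?author=1 HTTP/1.1" 200 5120 "-" "-"
192.0.2.44 - - [02/Oct/2014:10:06:00 +0000] "GET /?coauthor=7 HTTP/1.1" 200 840 "-" "-"
192.0.2.44 - - [02/Oct/2014:10:06:05 +0000] "GET /?author=2 HTTP/1.1" 403 199 "-" "-"
"""

def find_author_scans(log_text, min_ids=3):
    """Return {ip: {"ids": [...], "not_blocked": [...]}} for clients that
    requested at least min_ids distinct author IDs outside /wp-admin/.
    "not_blocked" lists IDs whose last response was not 403."""
    seen = defaultdict(dict)
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format request line
        ip, target, status = m.group(1), m.group(2), int(m.group(3))
        path, _, query = target.partition("?")
        if path.startswith("/wp-admin/"):
            continue  # admin post list legitimately filters by author
        hit = AUTHOR_RE.search(query)
        if hit:
            seen[ip][int(hit.group(1))] = status
    report = {}
    for ip, ids in seen.items():
        if len(ids) >= min_ids:
            open_ids = sorted(i for i, s in ids.items() if s != 403)
            report[ip] = {"ids": sorted(ids), "not_blocked": open_ids}
    return report

if __name__ == "__main__":
    for ip, info in find_author_scans(SAMPLE_LOG).items():
        print(ip, "probed IDs", info["ids"], "answered without 403:", info["not_blocked"])
```

Any ID listed under "not_blocked" means a request reached WordPress, so the rewrite rule was missing or not applied for that request.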