描述
This plugin checks for common user names that don’t exist in the users table. If the submitted user name meets settings criteria the IP will be blocked from the site.
The plugin also has the ability to stop author enumeration by bots.
Recommended Settings
There are two different ways to protect your site from user name brute force attacks. The more strict way is to immediately block an IP that attempts to login with a non-existent user name. This can possibly cause issues with websites that have many users or users that may not login very often and forget their user name. It’s most useful for one-person websites.
The less strict way is to have a black list of user names that only a bot would try like “admin” and user nicenames that aren’t logins.
The “Stop Enumeration” setting redirects all attempts to ?author={ID} to the home page of your site. This will stop bots from incrementing through your users and discovering user nicenames.
屏幕截图
安装
Install like any other plugin, directly from your plugins page. Works out of the box, but visit the settings page through the Settings tab in the back-end of WordPress to configure.
常见问题
- Installation Instructions
-
Install like any other plugin, directly from your plugins page. Works out of the box, but visit the settings page through the Settings tab in the back-end of WordPress to configure.
评价
此插件暂无评价。
贡献者及开发者
更新日志
1.0.0
- Update validation for settings