Beskriuwing
User enumeration can be use for brute-force techniques to either guess or confirm valid users in a system. User enumeration is often a web application vulnerability, though it can also be found in any system that requires user authentication.
An enumeration attack allows a hacker to check whether a name exists in the database. For example, to set up a brute-force attack, rather than searching through login and password pairs, all they need is a matching password for a verified user name, saving time and effort.
The phrase “username harvesting” refers to a vulnerability that when exploited allows people or programs interacting with an application to determine what a valid username is vs an invalid username.
**You can check your site have user enumeration by simply type https://selectedfirms.co/wp-json/wp/v2/users that’s it. **
Features:
- We only disable for non logged in users.
- You can deactivate with single click. No extra configuration required.
- Something else about the plugin
Ynstallaasje
Either using the dashboard ‘Add Plugin’ feature to find, install and activate the plugin
- Download and the plugin from the download link
- Upload the entire plugin directory to your website’s /wp-contents/plugins/ using a file manager or FTP
- Activate the plugin through the Plugins menu
FAQ
-
How to check plugin works?
-
You just need to run in browser to verify <youdomin.com>/wp-json/wp/v2/users.
-
I have active plugin, why its still display user data in response.
-
Just double check to make sure, you are not logged in. This plugin won’t do anything for logged in users, it only works when you are logged out.
-
What about settings?
-
There are no settings required. We are focus on only user enumerations. Only activation is enough.
-
Is it change anything in database?
-
Plugin is work standalone. Its not required any database operations.
Resinsjes
D’r binne gjin resinsjes foar dizze plugin.
Meiwurkers & amp; Untwikkelders
“Disable User Enumeration” is iepen boarne software. De folgjende minsken hawwe bydroegen oan dizze plugin.
MeiwurkersOersette “Disable User Enumeration” yn jo taal.
Ynteressearre yn ûntwikkeling?
Blêdzje troch de koade , besjoch de SVN-repository , of abonnearje op it ûntwikkelingslogboek troch RSS .
Feroaringslog
0.1
- Initial release.