Version Description
- added close log
- corrected call to wp die
Download this release
Release Info
| Developer | llocally |
| Plugin |  Stop User Enumeration |
| Version | 1.1 |
| Comparing to | |
| See all releases | |
Code changes from version 1.0 to 1.1
- readme.txt +6 -2
- stop-user-enumeration.php +3 -2
readme.txt
CHANGED
|
@@ -4,7 +4,7 @@ Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_i
|
|
| 4 |
Tags: User Enumeration, Security, WPSCAN, fail2ban
|
| 5 |
Requires at least: 3.4
|
| 6 |
Tested up to: 3.7
|
| 7 |
-
Stable tag: 1.
|
| 8 |
License: GPLv2 or later
|
| 9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 10 |
|
|
@@ -39,7 +39,11 @@ findtime = 600
|
|
| 39 |
bantime = 2500000`
|
| 40 |
Adjusted to your own requirements.
|
| 41 |
|
| 42 |
-
== Changelog ==
|
|
|
|
|
|
|
|
|
|
|
|
|
| 43 |
|
| 44 |
= 1.0 =
|
| 45 |
* first release
|
| 4 |
Tags: User Enumeration, Security, WPSCAN, fail2ban
|
| 5 |
Requires at least: 3.4
|
| 6 |
Tested up to: 3.7
|
| 7 |
+
Stable tag: 1.1
|
| 8 |
License: GPLv2 or later
|
| 9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 10 |
|
| 39 |
bantime = 2500000`
|
| 40 |
Adjusted to your own requirements.
|
| 41 |
|
| 42 |
+
== Changelog ==
|
| 43 |
+
|
| 44 |
+
= 1.1 =
|
| 45 |
+
* added close log
|
| 46 |
+
* corrected call to wp die
|
| 47 |
|
| 48 |
= 1.0 =
|
| 49 |
* first release
|
stop-user-enumeration.php
CHANGED
|
@@ -3,7 +3,7 @@
|
|
| 3 |
Plugin Name: Stop User Enumeration
|
| 4 |
Plugin URI: http://llocally.com/wordpress-plugins/stop-user-enumeration
|
| 5 |
Description: User enumeration is a technique used by hackers to get your login name if you are using permalinks. This plugin stops that.
|
| 6 |
-
Version: 1.
|
| 7 |
Author: llocally
|
| 8 |
Author URI: http://llocally.com/wordpress-plugins/
|
| 9 |
License: GPLv2 or later
|
|
@@ -30,7 +30,8 @@ function ll_detect_enumeration ($redirect_url, $requested_url) {
|
|
| 30 |
if (preg_match('/\?author=([0-9]*)/', $requested_url)) {
|
| 31 |
openlog('wordpress('.$_SERVER['HTTP_HOST'].')',LOG_NDELAY|LOG_PID,LOG_AUTH);
|
| 32 |
syslog(LOG_INFO,"Attempted user enumeration from {$_SERVER['REMOTE_ADDR']}");
|
| 33 |
-
|
|
|
|
| 34 |
} else {
|
| 35 |
return $redirect_url;
|
| 36 |
}
|
| 3 |
Plugin Name: Stop User Enumeration
|
| 4 |
Plugin URI: http://llocally.com/wordpress-plugins/stop-user-enumeration
|
| 5 |
Description: User enumeration is a technique used by hackers to get your login name if you are using permalinks. This plugin stops that.
|
| 6 |
+
Version: 1.1
|
| 7 |
Author: llocally
|
| 8 |
Author URI: http://llocally.com/wordpress-plugins/
|
| 9 |
License: GPLv2 or later
|
| 30 |
if (preg_match('/\?author=([0-9]*)/', $requested_url)) {
|
| 31 |
openlog('wordpress('.$_SERVER['HTTP_HOST'].')',LOG_NDELAY|LOG_PID,LOG_AUTH);
|
| 32 |
syslog(LOG_INFO,"Attempted user enumeration from {$_SERVER['REMOTE_ADDR']}");
|
| 33 |
+
closelog();
|
| 34 |
+
wp_die('forbidden');
|
| 35 |
} else {
|
| 36 |
return $redirect_url;
|
| 37 |
}
|
