Stop User Enumeration - Version 1.2.4

Version Description

  • Added code to check whether not admin (to stop admin features failing) and changed trailing slash code to trap situation where not posts are found and user is displayed in title
Download this release

Release Info

Developer llocally
Plugin Icon 128x128 Stop User Enumeration
Version 1.2.4
Comparing to
See all releases

Code changes from version 1.2.3 to 1.2.4

Files changed (2) hide show
  1. readme.txt +13 -4
  2. stop-user-enumeration.php +5 -2
readme.txt CHANGED
@@ -3,8 +3,8 @@ Contributors: llocally
3
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=ZEWW5LKK5995J
4
  Tags: User Enumeration, Security, WPSCAN, fail2ban
5
  Requires at least: 3.4
6
- Tested up to: 3.7.1
7
- Stable tag: 1.2.3
8
  License: GPLv2 or later
9
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
10
 
@@ -40,11 +40,20 @@ bantime = 2500000`
40
  Adjusted to your own requirements.
41
 
42
  == Changelog ==
 
 
 
 
 
 
43
  = 1.2.3 =
44
- Fixed bug that stopped export
 
 
 
45
  = 1.2.2 =
46
 
47
- Added code to stop bypassing the check when a trailing slash is added
48
 
49
  = 1.2.1 =
50
  * minor change to handle a specific php issue with a certain version
3
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=ZEWW5LKK5995J
4
  Tags: User Enumeration, Security, WPSCAN, fail2ban
5
  Requires at least: 3.4
6
+ Tested up to: 3.9
7
+ Stable tag: 1.2.4
8
  License: GPLv2 or later
9
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
10
 
40
  Adjusted to your own requirements.
41
 
42
  == Changelog ==
43
+ =
44
+ = 1.2.4 =
45
+
46
+ * Added code to check whether not admin (to stop admin features failing) and changed trailing slash code to trap situation where not posts are found and user is displayed in title
47
+
48
+
49
  = 1.2.3 =
50
+
51
+
52
+ * Fixed bug that stopped export in admin
53
+
54
  = 1.2.2 =
55
 
56
+ * Added code to stop bypassing the check when a trailing slash is added
57
 
58
  = 1.2.1 =
59
  * minor change to handle a specific php issue with a certain version
stop-user-enumeration.php CHANGED
@@ -3,7 +3,7 @@
3
  Plugin Name: Stop User Enumeration
4
  Plugin URI: http://llocally.com/wordpress-plugins/stop-user-enumeration
5
  Description: User enumeration is a technique used by hackers to get your login name if you are using permalinks. This plugin stops that.
6
- Version: 1.2.3
7
  Author: llocally
8
  Author URI: http://llocally.com/wordpress-plugins/
9
  License: GPLv2 or later
@@ -25,7 +25,10 @@ along with this program; if not, write to the Free Software
25
  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26
  */
27
 
28
- if (preg_match('/author=([0-9]*)(\/+)/', $_SERVER['QUERY_STRING'])===1) ll_kill_enumeration();
 
 
 
29
 
30
  add_filter('redirect_canonical','ll_detect_enumeration', 10,2);
31
  function ll_detect_enumeration ($redirect_url, $requested_url) {
3
  Plugin Name: Stop User Enumeration
4
  Plugin URI: http://llocally.com/wordpress-plugins/stop-user-enumeration
5
  Description: User enumeration is a technique used by hackers to get your login name if you are using permalinks. This plugin stops that.
6
+ Version: 1.2.4
7
  Author: llocally
8
  Author URI: http://llocally.com/wordpress-plugins/
9
  License: GPLv2 or later
25
  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26
  */
27
 
28
+ if ( ! is_admin()){
29
+ if (preg_match('/author=([0-9]*)/', $_SERVER['QUERY_STRING'])===1) ll_kill_enumeration();
30
+ add_filter('redirect_canonical','ll_detect_enumeration', 10,2);
31
+ }
32
 
33
  add_filter('redirect_canonical','ll_detect_enumeration', 10,2);
34
  function ll_detect_enumeration ($redirect_url, $requested_url) {