Version Description
- code improvement from Thomas van der Westen
Download this release
Release Info
| Developer | llocally |
| Plugin |  Stop User Enumeration |
| Version | 1.3.0 |
| Comparing to | |
| See all releases | |
Code changes from version 1.2.9 to 1.3.0
- readme.txt +5 -1
- stop-user-enumeration.php +5 -9
readme.txt
CHANGED
|
@@ -4,7 +4,7 @@ Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_i
|
|
| 4 |
Tags: User Enumeration, Security, WPSCAN, fail2ban
|
| 5 |
Requires at least: 3.4
|
| 6 |
Tested up to: 4.0
|
| 7 |
-
Stable tag: 1.
|
| 8 |
License: GPLv2 or later
|
| 9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 10 |
|
|
@@ -41,6 +41,10 @@ Adjusted to your own requirements.
|
|
| 41 |
|
| 42 |
== Changelog ==
|
| 43 |
=
|
|
|
|
|
|
|
|
|
|
|
|
|
| 44 |
= 1.2.8 =
|
| 45 |
|
| 46 |
* bug fix to allow comments to use author in url
|
| 4 |
Tags: User Enumeration, Security, WPSCAN, fail2ban
|
| 5 |
Requires at least: 3.4
|
| 6 |
Tested up to: 4.0
|
| 7 |
+
Stable tag: 1.3.0
|
| 8 |
License: GPLv2 or later
|
| 9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 10 |
|
| 41 |
|
| 42 |
== Changelog ==
|
| 43 |
=
|
| 44 |
+
= 1.3.0 =
|
| 45 |
+
|
| 46 |
+
* code improvement from Thomas van der Westen
|
| 47 |
+
|
| 48 |
= 1.2.8 =
|
| 49 |
|
| 50 |
* bug fix to allow comments to use author in url
|
stop-user-enumeration.php
CHANGED
|
@@ -1,11 +1,11 @@
|
|
| 1 |
<?php
|
| 2 |
/*
|
| 3 |
Plugin Name: Stop User Enumeration
|
| 4 |
-
Plugin URI: http://
|
| 5 |
Description: User enumeration is a technique used by hackers to get your login name if you are using permalinks. This plugin stops that.
|
| 6 |
-
Version: 1.
|
| 7 |
-
Author:
|
| 8 |
-
Author URI: http://
|
| 9 |
License: GPLv2 or later
|
| 10 |
*/
|
| 11 |
|
|
@@ -25,12 +25,10 @@ along with this program; if not, write to the Free Software
|
|
| 25 |
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
| 26 |
*/
|
| 27 |
|
| 28 |
-
|
| 29 |
-
|
| 30 |
if ( ! is_admin()){
|
| 31 |
if ( ! is_admin()){
|
| 32 |
if(preg_match('/(wp-comments-post)/', $_SERVER['REQUEST_URI']) === 0 ) {
|
| 33 |
-
if (!empty($_POST[author])) {
|
| 34 |
ll_kill_enumeration();
|
| 35 |
}
|
| 36 |
}
|
|
@@ -42,8 +40,6 @@ if ( ! is_admin()){
|
|
| 42 |
}
|
| 43 |
}
|
| 44 |
|
| 45 |
-
|
| 46 |
-
|
| 47 |
add_filter('redirect_canonical','ll_detect_enumeration', 10,2);
|
| 48 |
function ll_detect_enumeration ($redirect_url, $requested_url) {
|
| 49 |
if (preg_match('/\?author(%00[0%]*)?=([0-9]*)(\/*)/', $requested_url)===1 | ($_POST['author'])) {
|
| 1 |
<?php
|
| 2 |
/*
|
| 3 |
Plugin Name: Stop User Enumeration
|
| 4 |
+
Plugin URI: http://locally.uk
|
| 5 |
Description: User enumeration is a technique used by hackers to get your login name if you are using permalinks. This plugin stops that.
|
| 6 |
+
Version: 1.3.0
|
| 7 |
+
Author: Locally
|
| 8 |
+
Author URI: http://locally.uk
|
| 9 |
License: GPLv2 or later
|
| 10 |
*/
|
| 11 |
|
| 25 |
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
| 26 |
*/
|
| 27 |
|
|
|
|
|
|
|
| 28 |
if ( ! is_admin()){
|
| 29 |
if ( ! is_admin()){
|
| 30 |
if(preg_match('/(wp-comments-post)/', $_SERVER['REQUEST_URI']) === 0 ) {
|
| 31 |
+
if (!empty($_POST['author'])) {
|
| 32 |
ll_kill_enumeration();
|
| 33 |
}
|
| 34 |
}
|
| 40 |
}
|
| 41 |
}
|
| 42 |
|
|
|
|
|
|
|
| 43 |
add_filter('redirect_canonical','ll_detect_enumeration', 10,2);
|
| 44 |
function ll_detect_enumeration ($redirect_url, $requested_url) {
|
| 45 |
if (preg_match('/\?author(%00[0%]*)?=([0-9]*)(\/*)/', $requested_url)===1 | ($_POST['author'])) {
|
