Title: No User Enumeration Author: Carlos Published: Ebrill 4, 2016 Last modified: Hydref 23, 2019 --- Search plugins Nid yw’r ategyn hwn **wedi cael ei ddiweddaru ers 3 ryddhad mawr**. Efallai nad yw’n cael ei gynnal bellach ac efallai bod materion cydnawsedd wrth gael ei ddefnyddio gyda fersiynau mwy diweddar o WordPress. ![](https://s.w.org/plugins/geopattern-icon/no-user-enumeration.svg) # No User Enumeration Gan [Carlos](https://profiles.wordpress.org/carlost800/) [Llwytho i lawr](https://downloads.wordpress.org/plugin/no-user-enumeration.1.3.2.zip) * [Details](https://cy.wordpress.org/plugins/no-user-enumeration/#description) * [Reviews](https://cy.wordpress.org/plugins/no-user-enumeration/#reviews) * [Installation](https://cy.wordpress.org/plugins/no-user-enumeration/#installation) * [Development](https://cy.wordpress.org/plugins/no-user-enumeration/#developers) [Cefnogaeth](https://wordpress.org/support/plugin/no-user-enumeration/) ## Disgrifiad In many WordPress installations is possible enumerate usernames through the author archives, using urls like this: http://wpsite/?author=1 http://wpsite/?author=1/ http://wpsite/?bypass=1&author%00=1 http://wpsite/?author%00=%001 http://wpsite/?%61uthor=1 And recently wordpress since 4.7 comes with a rest api integrated that allow list users: curl -s http://wpsite/wp-json/wp/v2/users/ curl -s http://wpsite/?rest_route=/wp/ v2/users curl http://wpsite/?_method=GET -d rest_route=/wp/v2/users Know the username of a administrator is the half battle, now an attacker only need guest the password. This plugin stop it. Also, is possible get usernames from the post entries. This plugin, hide the name of the author in a post entry if he is not using a nickname. Also, hide the url page link of an administrator author. The main goal is hide the administrators usernames. Obviously, is better not choose“ admin” as the username because is easiliy guessable. ## Gosod 1. Upload `no-user-enumeration` to the `/wp-content/plugins/` directory 2. Activate the plugin through the ‘Plugins’ menu in WordPress ## Cwestiynau Cyffredin . ## Adolygiadau There are no reviews for this plugin. ## Contributors & Developers “No User Enumeration” is open source software. The following people have contributed to this plugin. Cyfranwyr * [ Carlos ](https://profiles.wordpress.org/carlost800/) [Translate “No User Enumeration” into your language.](https://translate.wordpress.org/projects/wp-plugins/no-user-enumeration) ### Interested in development? [Browse the code](https://plugins.trac.wordpress.org/browser/no-user-enumeration/), check out the [SVN repository](https://plugins.svn.wordpress.org/no-user-enumeration/), or subscribe to the [development log](https://plugins.trac.wordpress.org/log/no-user-enumeration/) by [RSS](https://plugins.trac.wordpress.org/log/no-user-enumeration/?limit=100&mode=stop_on_copy&format=rss). ## Cofnod Newid #### 1.3.2 * Using WP_DEBUG not emit undefined index notice. #### 1.3.1 * Minor changes. #### 1.3 * Fix bypass protection using this: curl http://wpsite/?_method=GET -d rest_route =/wp/v2/users #### 1.2 * Disallow list users using the rest api. * Compatibility with plugin WP All Import. #### 1.1 * Hide admin usernames in post replies. Improved security. #### 1.0 * First version. ## Meta * Version **1.3.2** * Last updated **6 blynedd yn ôl** * Active installations **200+** * WordPress version ** 2.9 neu uwch ** * Tested up to **5.2.24** * Language * [English (US)](https://wordpress.org/plugins/no-user-enumeration/) * Tags * [security](https://cy.wordpress.org/plugins/tags/security/)[user enumeration](https://cy.wordpress.org/plugins/tags/user-enumeration/) [wpscan](https://cy.wordpress.org/plugins/tags/wpscan/) * [Advanced View](https://cy.wordpress.org/plugins/no-user-enumeration/advanced/) ## Graddau No reviews have been submitted yet. [Your review](https://wordpress.org/support/plugin/no-user-enumeration/reviews/#new-post) [See all reviews](https://wordpress.org/support/plugin/no-user-enumeration/reviews/) ## Cyfranwyr * [ Carlos ](https://profiles.wordpress.org/carlost800/) ## Cefnogaeth Rhywbeth i’w ddweud? Angen help? [Gweld y fforwm cefnogi](https://wordpress.org/support/plugin/no-user-enumeration/) ## Donate Would you like to support the advancement of this plugin? [ Donate to this plugin ](https://cy.wordpress.org/plugins/no-user-enumeration/?output_format=md#)