Blog

Ways to Block WordPress User Enumeration Hack Using `.htaccess`
Posted on September 10, 2018 in WordPress by Matt Jennings

# Block User ID Phishing Requests
<IfModule mod_rewrite.c>
RewriteCond %{QUERY_STRING} ^author=([0-9]*)
RewriteRule (.*) $1? [L,R=302]
</IfModule>

# Block Feed ID Phishing Requests
<IfModule mod_rewrite.c>
RewriteCond %{QUERY_STRING} ^feed=([0-9]*)
RewriteRule (.*) $1?  [L,R=302]
</IfModule>

Leave a Reply