Enumeration is a tequnique that uses a series of number to get a hit on a user namer that exposes a user id via author achives.
The plugin attemptps to stop that and some other places where user names are ‘leaked’ to non logged in users by core WordPress.
I have no idea why NinjaFirewall security is logging such attempts when this plugin is active, maybe it is checking ealier in a WAF or something hooked earlier than ‘init’, you would have to ask them or trace their code.
If NinjaFirewall is stopping enumeration I’m not sure this plugin adds any extra value.
This plugin was first written 11 years ago and at that time none of the big security plugins incorporated these checks, a year or two later WordFence did ( actually lifting code from this plugin, I know as I checked and it included a bug 🙂 )
It is still a popular plugin for the purpose intented, a light weight way to detect nafarious activity and put up a block at server level firewalls via Fail2Ban, however for people that go ‘full heavyweight security plugin’ there is no point in doubling up functionality.
