Title: Patch, new feature proposal: enumerate users Last modified: August 30, 2016 --- # Patch, new feature proposal: enumerate users * Resolved [gdavide](https://wordpress.org/support/users/gdavide/) * (@gdavide) * [10 years, 6 months ago](https://wordpress.org/support/topic/patch-new-feature-proposal-enumerate-users/) * This plugin is quite simple: [https://wordpress.org/plugins/stop-user-enumeration/](https://wordpress.org/plugins/stop-user-enumeration/) i could integrate it in aiowps, if it will merged in the next aiowps versions. Could this feature be useful? If it’s useful, i could work on it and propose a patch. * Regards * [https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/](https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/) Viewing 6 replies - 1 through 6 (of 6 total) * Plugin Contributor [mbrsolution](https://wordpress.org/support/users/mbrsolution/) * (@mbrsolution) * [10 years, 6 months ago](https://wordpress.org/support/topic/patch-new-feature-proposal-enumerate-users/#post-6841048) * Hi thank you for your request. The plugin developers will reply to this post in regards to your request. * Thank you * [mra13 / Team Tips and Tricks HQ](https://wordpress.org/support/users/mra13/) * (@mra13) * [10 years, 6 months ago](https://wordpress.org/support/topic/patch-new-feature-proposal-enumerate-users/#post-6841052) * Hi, Yeah sure. You can create a patch using our github repository: [https://github.com/Arsenal21/all-in-one-wordpress-security](https://github.com/Arsenal21/all-in-one-wordpress-security) * Thread Starter [gdavide](https://wordpress.org/support/users/gdavide/) * (@gdavide) * [10 years, 5 months ago](https://wordpress.org/support/topic/patch-new-feature-proposal-enumerate-users/#post-6841254) * Ok, here it’s the pull request: [https://github.com/Arsenal21/all-in-one-wordpress-security/pull/12](https://github.com/Arsenal21/all-in-one-wordpress-security/pull/12) Regards * [bios4](https://wordpress.org/support/users/bios4/) * (@bios4) * [10 years, 5 months ago](https://wordpress.org/support/topic/patch-new-feature-proposal-enumerate-users/#post-6841269) * The plugin-based solution to “stop users enumeration” mentioned here and introduced with AIOWPS 4.0.3 might be nice to have for users who do not have the possibility to use .htaccess. * For all others I think a “smarter” and more lightweight solution would be to stop access to the author URLs already in .htaccess, as shown here: [https://wordpress.org/support/topic/author1-2-3-how-to-stop-it](https://wordpress.org/support/topic/author1-2-3-how-to-stop-it) * ``` RewriteCond %{REQUEST_URI} ^/$ RewriteCond %{QUERY_STRING} ^/?author=([0-9]*) RewriteRule .* http://127.0.0.1? [L] ``` * Wouldn’t this ^^ be a possible and useful solution? Maybe as an “addon” second possibility? * Thread Starter [gdavide](https://wordpress.org/support/users/gdavide/) * (@gdavide) * [10 years, 5 months ago](https://wordpress.org/support/topic/patch-new-feature-proposal-enumerate-users/#post-6841270) * Why do you think that using a rewrite rule would be “smarter” than the actual code-solution? Maybe could be a more lightweight , this is true, but i think that a clean and simple .htaccess will be better, remember that nginx doesn’t support mod_rewrite, so the actual solution work with other http daemons. * Regards * [bios4](https://wordpress.org/support/users/bios4/) * (@bios4) * [10 years, 5 months ago](https://wordpress.org/support/topic/patch-new-feature-proposal-enumerate-users/#post-6841274) * I assume the .htaccess-solution to be “smarter” as the accessing of these URLs is blocked before the PHP/code level. * And I stated that the current plugin-based solution might be the better (i.e. only) choice for users that can’t make use of .htaccess (e.g. nginx), and that the .htaccess-variant might be a possible second possibility. * I also don’t know if the linked .htaccess-code is sufficient in terms of offering the same level of security or if it would be required to be tweaked/extended, but I wanted to talk about this possibility. * Plus: a few lines more in .htaccess should not make for a big difference compared to the current size of the AIOWPS-generated .htaccess file… * What do you think about this? Viewing 6 replies - 1 through 6 (of 6 total) The topic ‘Patch, new feature proposal: enumerate users’ is closed to new replies. * ![](https://ps.w.org/all-in-one-wp-security-and-firewall/assets/icon-256x256. png?rev=2798307) * [All-In-One Security (AIOS) – Security and Firewall](https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/) * [Frequently Asked Questions](https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/#faq) * [Support Threads](https://wordpress.org/support/plugin/all-in-one-wp-security-and-firewall/) * [Active Topics](https://wordpress.org/support/plugin/all-in-one-wp-security-and-firewall/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/all-in-one-wp-security-and-firewall/unresolved/) * [Reviews](https://wordpress.org/support/plugin/all-in-one-wp-security-and-firewall/reviews/) * 6 replies * 4 participants * Last reply from: [bios4](https://wordpress.org/support/users/bios4/) * Last activity: [10 years, 5 months ago](https://wordpress.org/support/topic/patch-new-feature-proposal-enumerate-users/#post-6841274) * Status: resolved