New to Translating WordPress? Read through our Translator Handbook to get started. Hide
Prio | Original string | Translation | — |
---|---|---|---|
↑ | Protect against user enumeration attacks on author pages and other places where valid user names can be obtained. | You have to log in to add a translation. | Details |
Original untranslated
Protect against user enumeration attacks on author pages and other places where valid user names can be obtained.
You have to log in to edit this translation. |
|||
↑ | WP Author Security | You have to log in to add a translation. | Details |
Original untranslated |
|||
Since Wordpress 5.5 a default sitemap can be reached via /wp-sitemap.xml. This sitemap will disclose the usernames of all authors. If this should not be disclosed you are able to disable this feature of Wordpress. | You have to log in to add a translation. | Details | |
Original untranslated
Since Wordpress 5.5 a default sitemap can be reached via /wp-sitemap.xml. This sitemap will disclose the usernames of all authors. If this should not be disclosed you are able to disable this feature of Wordpress.
CommentFound in description list item. You have to log in to edit this translation. |
|||
Wordpress supports so-called oEmbeds. This is a technique to embed a reference to a post into another post. However, this reference will also contain the author name and a direct link to the profile page. The plugin will also remove the name and link here. | You have to log in to add a translation. | Details | |
Original untranslated
Wordpress supports so-called oEmbeds. This is a technique to embed a reference to a post into another post. However, this reference will also contain the author name and a direct link to the profile page. The plugin will also remove the name and link here.
CommentFound in description list item. You have to log in to edit this translation. |
|||
Requesting the feed endpoint /feed of your blog will also allow others to see the username or display name of the author. The plugin will remove the name from the result list. | You have to log in to add a translation. | Details | |
Original untranslated
Requesting the feed endpoint /feed of your blog will also allow others to see the username or display name of the author. The plugin will remove the name from the result list.
CommentFound in description list item. You have to log in to edit this translation. |
|||
Customize the settings by navigating to <code>Settings -> WP Author Security</code> | You have to log in to add a translation. | Details | |
Original untranslated
Customize the settings by navigating to <code>Settings -> WP Author Security</code>
CommentFound in installation list item. You have to log in to edit this translation. |
|||
Activate the plugin in the Wordpress backend | You have to log in to add a translation. | Details | |
Original untranslated
Activate the plugin in the Wordpress backend
CommentFound in installation list item. You have to log in to edit this translation. |
|||
Install the plugin via the Dashboard <code>Plugins -> Add new</code> or upload the plugin's folder 'wp-author-security' from the zip into your Wordpress plugin folder <code>wp-content/plugins/</code> (e.g. via ftp) | You have to log in to add a translation. | Details | |
Original untranslated
Install the plugin via the Dashboard <code>Plugins -> Add new</code> or upload the plugin's folder 'wp-author-security' from the zip into your Wordpress plugin folder <code>wp-content/plugins/</code> (e.g. via ftp)
CommentFound in installation list item. You have to log in to edit this translation. |
|||
In addition, the plugin will also protect other locations which are commonly used by attackers to gather valid user names. These are: | You have to log in to add a translation. | Details | |
Original untranslated
In addition, the plugin will also protect other locations which are commonly used by attackers to gather valid user names. These are:
CommentFound in description paragraph. You have to log in to edit this translation. |
|||
By using the extension, you are able to disable the author pages either completely or display them only when the author has at least one published post. When the page is disabled the default 404 error page of the active theme is displayed. | You have to log in to add a translation. | Details | |
Original untranslated
By using the extension, you are able to disable the author pages either completely or display them only when the author has at least one published post. When the page is disabled the default 404 error page of the active theme is displayed.
CommentFound in description paragraph. You have to log in to edit this translation. |
|||
In some cases, it is not wanted to expose this information to the public. An attacker is able to brute force valid IDs or valid usernames. This information might be used for further attacks like social engineering attacks or log in brute force attacks with gathered usernames. ↵ <em>However, when using the plugin and you disable author pages completely it must be noted that you need to take care that your active theme will not display the author name itself on posts like "Posted by admin" or something like that. This is something the plugin will not handle (at the moment).</em> | You have to log in to add a translation. | Details | |
Original untranslated
In some cases, it is not wanted to expose this information to the public. An attacker is able to brute force valid IDs or valid usernames. This information might be used for further attacks like social engineering attacks or log in brute force attacks with gathered usernames. ↵
<em>However, when using the plugin and you disable author pages completely it must be noted that you need to take care that your active theme will not display the author name itself on posts like "Posted by admin" or something like that. This is something the plugin will not handle (at the moment).</em>
CommentFound in description paragraph. You have to log in to edit this translation. |
|||
By default, Wordpress will display some sensitive information on author pages. ↵ The author page is typically called by requesting the URI <code>https://yourdomain.tld/?author=<id></code> or with permalinks <code>https://yourdomain.tld/author/<username></code>. ↵ The page will include (depending on your theme) the full name (first and last name) as well as the username of the author which is used to log in to Wordpress. | You have to log in to add a translation. | Details | |
Original untranslated
By default, Wordpress will display some sensitive information on author pages. ↵
The author page is typically called by requesting the URI <code>https://yourdomain.tld/?author=<id></code> or with permalinks <code>https://yourdomain.tld/author/<username></code>. ↵
The page will include (depending on your theme) the full name (first and last name) as well as the username of the author which is used to log in to Wordpress.
CommentFound in description paragraph. You have to log in to edit this translation. |
|||
WP Author Security is a lightweight but powerful plugin to protect against user enumeration attacks on author pages and other places where valid user names can be obtained. | You have to log in to add a translation. | Details | |
Original untranslated
WP Author Security is a lightweight but powerful plugin to protect against user enumeration attacks on author pages and other places where valid user names can be obtained.
CommentFound in description paragraph. You have to log in to edit this translation. |
|||
The password forgotten function will also allow an attacker to check for the existence of a user. As for the log in page the plugin will display a neutral message even when the user does not exists. | You have to log in to add a translation. | Details | |
Original untranslated
The password forgotten function will also allow an attacker to check for the existence of a user. As for the log in page the plugin will display a neutral message even when the user does not exists.
CommentFound in description list item. You have to log in to edit this translation. |
|||
The log in page where different error messages will indicate whether an entered user name or mail address exists or not. The plugin will display a neutral error message independently whether the user exists or not. | You have to log in to add a translation. | Details | |
Original untranslated
The log in page where different error messages will indicate whether an entered user name or mail address exists or not. The plugin will display a neutral error message independently whether the user exists or not.
CommentFound in description list item. You have to log in to edit this translation. |
Export as
Comment
Short description.