WP_FAIL2BAN_BLOCK_USER_ENUMERATION

Block user enumeration.

Default setting: disabled

Added in version 2.1.0.

Changed in version 4.0.0: Now also blocks enumeration via the REST API.

---

Blocks attempts to enumerate users via author archives and the REST API.

Example: Block user enumeration

/**
 * Block user enumeration.
 */
define('WP_FAIL2BAN_BLOCK_USER_ENUMERATION', true);

Important

You should define this in wp-config.php even if you are using the Premium flavour of WPf2b.

Warning

If your theme has Author profile pages (e.g. TwentyTwenty) you will need to block username logins instead.

History

Based on a suggestion from @geeklol and a plugin by @ROIBOT.

See also

• WP_FAIL2BAN_BLOCK_USERNAME_LOGIN