WP_FAIL2BAN_BLOCK_USER_ENUMERATION

Block user enumeration.

Default setting: disabled

---

Blocks attempts to enumerate users via author archives and the REST API.

Example: Block user enumeration

/**
 * Block user enumeration.
 */
define('WP_FAIL2BAN_BLOCK_USER_ENUMERATION', true);

Important

You should define this in wp-config.php even if you are using the Premium flavour of WPf2b.

Warning

If your theme has Author profile pages (e.g. TwentyTwenty) you will need to block username logins instead.

See also

• WP_FAIL2BAN_BLOCK_USERNAME_LOGIN

History

Changed in version 4.0.0: Now also blocks enumeration via the REST API.

Added in version 2.1.0: Based on a suggestion from @geeklol and a plugin by @ROIBOT.