The plugin disables the author archive redirection.
| Author: | Kimiya Kitani (profile at wordpress.org) |
| WordPress version required: | 6.0 |
| WordPress version tested: | 6.5.2 |
| Plugin version: | 2.1.1 |
| Added to WordPress repository: | 11-03-2020 |
| Last updated: | 24-04-2024 |
| Rating, %: | 0 |
| Rated by: | 0 |
| Plugin URI: | |
| Total downloads: | 1 677 |
| Active installs: | 10+ |
 Click to start download |
|
WordPress redirects /?author=(number) to /author/(userID) if the author id exists. This is the security vulnerability because an internet user might be able to know all User ID and the user name in a website using WordPress.
If you can control the configuration of a web server, you had better use the rewrite rule (Search as “Block Author URLs”) for reducing the system load of WordPress.
The plugin prevents the security vulnerability regarding the author archive redirection.
Detailed Behavior
1. It isn’t applied in the admin dashboard.
2. If “author” query in URL (QUERY_STRING) exists, displays 404 error.
3. If “/author/” in REQUEST_URI involves, redirects to the top page.
4. Apply to the “redirect_canonical” hook, too.
ChangeLog