Created
April 22, 2020 09:05
Prevent user enumeration
<?php
/**
 * Stop user enumeration.
 *
 * @package wpplugin
 */
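// Front-end requests only: stop any request that carries an `author` parameter,
// then register the canonical-redirect check for the requests that remain.
//
// Scope: this covers only the `author` request parameter. Other places that
// expose user names (the REST API users route, for example) need their own
// controls.
if ( ! is_admin() ) {
	// QUERY_STRING is not populated in every context (CLI runs, for example),
	// so fall back to an empty string rather than reading an undefined index.
	// The raw-string match is kept as it was; the parsed $_GET check is added
	// so the decision does not rest on how the raw query string is written.
	// NOTE(review): the pattern is unanchored, so it also matches parameter
	// names that merely end in "author" and any non-admin request that filters
	// by author (REST queries included, presumably) - confirm that is acceptable.
	// phpcs:disable
	if (
		preg_match( '/author=([0-9]*)/i', isset( $_SERVER['QUERY_STRING'] ) ? (string) $_SERVER['QUERY_STRING'] : '' )
		|| isset( $_GET['author'] )
	) {
		// phpcs:enable
		// NOTE(review): die() ends the request with an empty body and without
		// setting an HTTP status; an explicit 403 or 404 would make blocked
		// requests easier to tell apart in access logs.
		die();
	}
	add_filter( 'redirect_canonical', 'cafunc1_check_enum', 10, 2 );
}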
/**
 * Filter callback for `redirect_canonical` that halts author-ID lookups.
 *
 * Ends the request when the requested URL contains `?author=`; otherwise the
 * redirect value is handed back untouched.
 *
 * @param string $redirect Redirect URL supplied by the filter.
 * @param string $request  Requested URL supplied by the filter.
 * @return string The unmodified $redirect value.
 */
function cafunc1_check_enum( $redirect, $request ) {
	// `[0-9]*` also accepts zero digits, so any `?author=` matches whatever
	// follows it. The literal `\?` means the pattern only fires when `author`
	// is the first parameter of the requested URL.
	$is_author_lookup = preg_match( '/\?author=([0-9]*)(\/*)/i', $request );

	if ( ! $is_author_lookup ) {
		return $redirect;
	}

	// Stop here so no canonical redirect to the author archive is issued.
	die();
}