WordPress brute-force protection and prevention of username disclosure
<?php
/**
 * Disable XML-RPC.
 *
 * xmlrpc.php accepts credentials directly, so it is the usual first stop for
 * password-guessing that never touches the login form. Returning false from
 * the xmlrpc_enabled filter switches off the XML-RPC methods that require
 * authentication.
 *
 * NOTE(review): this filter does not make the endpoint itself unreachable;
 * methods that need no login are outside its scope — confirm whether those
 * should be removed as well.
 */
add_filter( 'xmlrpc_enabled', '__return_false', 10, 1 );
/**
 * Hide the commenter's username from comment markup.
 *
 * The comment wrapper receives a "comment-author-{name}" class, which puts
 * the login name into the page source. Every class carrying that prefix is
 * dropped; the keys of the remaining classes are preserved, exactly as the
 * unset()-in-a-loop version did.
 *
 * @param array $classes CSS classes for one comment.
 * @return array The same classes minus any comment-author-* entry.
 */
function remove_comment_author_class( $classes ) {
    $keep = function ( $class ) {
        // strstr() is false when the prefix is absent, a non-empty string otherwise.
        return ! strstr( $class, 'comment-author-' );
    };
    return array_filter( $classes, $keep );
}
// Strip comment-author-* classes at the default priority, one argument.
add_filter( 'comment_class', 'remove_comment_author_class', 10, 1 );
/**
 * Stop author-archive requests from revealing login names.
 *
 * A request such as https://site.com/?author=1 is normally turned into a
 * redirect to the author archive, whose URL carries the login name (see the
 * linked source). Author archives, and any front-end request with a non-empty
 * ?author= parameter, are answered with a 404 instead. Every other request
 * still receives the canonical redirect, which this snippet takes over from
 * core on the template_redirect hook.
 *
 * The ?author= value is only tested for presence; it is never echoed.
 */
function protect_usernames_from_hackers() {
    // Nothing to hide: hand the request to the canonical redirect as core would.
    if ( ! is_author() && ( empty( $_GET['author'] ) || is_admin() ) ) {
        redirect_canonical();
        return;
    }

    global $wp_query;
    $wp_query->set_404();
    status_header( 404 );
}
// Replace core's canonical redirect with the guard above; the guard calls
// redirect_canonical() itself for every request it does not turn into a 404.
remove_filter( 'template_redirect', 'redirect_canonical', 10 );
add_action( 'template_redirect', 'protect_usernames_from_hackers', 10, 1 );
// Source: https://www.wp-tweaks.com/hackers-can-find-your-wordpress-username/
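/**
 * Keep the public REST API from handing out user data.
 *
 * /wp-json/wp/v2/users and /wp-json/wp/v2/users/{id} expose user records,
 * including login names, to unauthenticated requests. Both routes are removed
 * from the route table for callers who may not list users. A caller with the
 * list_users capability keeps them, so the block editor's author picker and
 * the Users screen — which rely on these routes — continue to work; the
 * original version removed the routes for everyone and broke those screens.
 *
 * /wp/v2/users/me is a separate route key and is left alone; it requires
 * authentication on its own.
 *
 * @param array $endpoints Registered REST routes, keyed by route pattern.
 * @return array The routes, minus the two user routes for unprivileged callers.
 */
function disable_rest_endpoints( $endpoints ) {
    // Privileged callers (admin UI, editor) still need the users routes.
    if ( current_user_can( 'list_users' ) ) {
        return $endpoints;
    }

    $user_routes = [
        '/wp/v2/users',
        '/wp/v2/users/(?P<id>[\d]+)',
    ];
    foreach ( $user_routes as $route ) {
        // unset() on a missing key is a no-op, so no isset() guard is needed.
        unset( $endpoints[ $route ] );
    }

    return $endpoints;
}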
// Prune the users routes each time the REST route table is built.
add_filter( 'rest_endpoints', 'disable_rest_endpoints', 10, 1 );