RONIN47 Wordpress Plugin - Rating, Reviews, Demo & Download
Plugin Description
RONIN47 helps to secure your WordPress website when using Google AMP Technology.
Among other things, RONIN47 checks if you are not in the admin area and whether someone is trying to access the author name via the “?author” parameter and if so, it redirects back to the home webpage.
Hackers can find your username in WordPress by appending the query /?author=1 as in example.com/?author=1 which will immediately redirect to your author webpage like example.com/author/catherine
If hackers cannot find your username, they will not Brute-Force your Login page trying to guess your password and that means less load on your server.
RONIN47 also blocks WordPress JSON REST Endpoints. When you visit example.com/wp-json/wp/v2/users/1 you will see your username in plain sight. This happens because WordPress exposes certain REST APIs by default and this allows anyone to enumerate the users via JSON.
After activating this plugin, your website will return the following message (if you visit the same link again): {“code”:”rest_no_route”,”message”:”No route was found matching the URL and request method.”,”data”:{“status”:404}}
Whenever you try to log in, you will not see any errors that may indicate the wrong password or the wrong username. You will see instead the following message: “Something is wrong! Are you a legit user?”.
RONIN47 hides Core Update Notices from all users except Admin.
Support
Please, use the WordPress.org forums for community support at https://wordpress.org/support/plugin/ronin47 and if you spot a bug or if you have a suggestion to improve the code functionality, you can contact us at admin@xogum.email
Screenshots
No screenshots provided