You may not realize this, but:
Whenever someone types in a URL like example.com/?author=1 on a WordPress site, they are automatically redirected to: example.com/author/username/.
In this URL, ‘username’ is (by default) the login name of the author with an ID of 1 (commonly, this is the admin user).
Likewise, if someone were to enter example.com/?author=2, he/she will be redirected to example.com/author/person2/ where person2 is the login name of the author with an ID of 2 (if such an account exists).
And so forth… You’re catching the drift, right?
From a security point of view, it’s a little like leaving the front door open.
Why?
Because it exposes your authors’ login information, thus making your website less secure.
Essentially, without any effort, hackers can find your authors’ usernames and use this as a golden ticket to try and access your dashboard via the login form. Not quite the visitors you were hoping for, I’m guessing.
Well, here’s some good news!
Hide My WP Ghost has a built-in feature that allows you to Hide the Author ID URL.
With it, you’re basically pulling down the blinds on the Author ID URL, creating a much-needed safety shield.
How to Hide the Author ID URL using Hide My WP Ghost
This functionality is included in the PRO version of Hide My WP Ghost.
Check out more pricing details here >>
To disable the author ID calls and prevent usernames from being exposed, switch on the ‘Hide Author URL’ feature by going to Hide My WP > Change Paths > User Security > Hide Author ID URL.
Remember, the Author ID URL acts like a hidden window into your WordPress site, exposing your usernames.
And make no mistake, this is a vulnerability that cybercriminals will exploit – if given the chance. By enabling the Hide Author ID URL option, URLs like yourdomain.com/?author=1 will NO longer reveal the user login name.
It’s a simple but powerful step you can take right now to further strengthen your website’s security and keep hackers at bay.
