WP Author Security
Protect against user enumeration attacks on author pages and other places where valid user names can be obtained.
5(2 reviews)
·500 active installs·Updated 2 years agoAs of April 2026, WP Author Security is a WordPress author plugin with 500 active installations and a 5/5 rating from 2 reviews. It has been downloaded 6.6K+ times in total. Requires WordPress 4.7+ and PHP 7.4+. Available on WordPress.org since 2020. Last updated 2 years ago — may have compatibility concerns. Top alternative: Edit Author Slug.
5/52 reviews
500active installs
6.6K+total downloads
6 yearssince 2020
Overview
WP Author Security is a lightweight but powerful plugin to protect against user enumeration attacks on author pages and other places where valid user names can be obtained.
By default, WordPress will display some sensitive information on author pages.
The author page is typically called by requesting the URI https://yourdomain.tld/?author=<id> or with permalinks https://yourdomain.tld/author/<username>.
The page will include (depending on your theme) the full name (first and last name) as well as the username of the author which is used to log in to WordPress.
In some cases, it is not wanted to expose this information to the public. An attacker is able to brute force valid IDs or valid usernames. This information might be used for further attacks like social engineering attack…
Screenshots
Ratings & Reviews
52 reviews
5 ★
2
4 ★
0
3 ★
0
2 ★
0
1 ★
0
Compatibility
| WordPress | 4.7+ requiredTested up to 6.2.9 |
| PHP | 7.4+ required |
Top Alternatives to WP Author Security
Frequently Asked Questions
Changelog
1.5.0
- added basic statistics to the settings page
- bugfix password forgotten protection
Contributors
Plugin data sourced from WordPress.org. Analysis and metrics by PluginSift.