anantshri/wp-security/master/htaccess/username_attachment_enumeration.htaccess - Htaccess File

anantshri/wp-security/master/htaccess/username_attachment_enumeration.htaccess

#username / attchment enumeration protection
# ref : http://blog.anantshri.info/mission-attachment-protection
# ref : http://blog.anantshri.info/wordpress-user-enumeration-poc-shell-script/
<IfModule mod_rewrite.c>
RewriteCond %{QUERY_STRING} author=([0-9]*) [OR]
RewriteCond %{QUERY_STRING} attachment_id=([0-9]*)
RewriteRule ^(.*)$ /index.php [F,L]
</IfModule>

On Github License

Files

Download PDF of Htaccess file

QUERY_STRING

Comments

Apache