random user suggestion for site about wordops HOT 7 CLOSED

Hello,
WordOps, like EasyEngine, already provide the ability to define WordPress username, so I'm not sure generating random WordPress username is needed.

from wordops.

Yes, you're right.
my thinking is in just not having an equal login for everyone, having a different one, I believe this will increase security.

from wordops.

It doesn't, because username is still displayed in WordPress RSS feed and it's pretty easy to get it using the wp-json API. We are working on a solution for this.

exemple : http://yoursite.tld/wp-json/wp/v2/users/1

from wordops.

Maybe you guys could use gpw? For my docker stack script that I wrote does this automatically via:

/etc/functions/env.sh

docker run -it --rm demyx/utilities sh -c "gpw 1 10"
avemssited # Sample output

WordOps, like EasyEngine, already provide the ability to define WordPress username, so I'm not sure generating random WordPress username is needed.

I kinda agree with you on this one but I just wanted to make life easier by not going through the install process. If it can be automated, why not?

from wordops.

Hello, I'm not sure to understand the purpose of your script. Can you explain more about it?

from wordops.

@VirtuBox my script uses Docker so it wouldn't work with WO but the package gpw is available in the repos for Ubuntu and probably Debian.

from wordops.

@demyxco ah ok I understand. Don't worry for that part, it can be done in python without having to use an additional package.
But like I said previously, I do not think random username is a way to secure WordPress properly because it's pretty easy to get a list of users by browsing RSS feed or wp-json API.
EasyEngine already included a rate limiter on /wp-login.php, and I'm working on fail2ban integration to add an additional layer on security on this page. I have also increased WordPress passwords size to 24 characters.

from wordops.