LTUser
Regular Pleskian
Excuse me, I do not find the right place to warn about it and it is not really a security leak.
Therefore delete the info or move it to the right place if necessary.
Test this:
https://(www.)yourdomain.tld/wp-json/wp/v2/users/
Do you get a page with UserNames and IDs
add this near Rewritebase / in your .htaccess
The data leak also exists if the WordPress Toolkit and the
security check classify everything as "Safe".
Therefore delete the info or move it to the right place if necessary.
Test this:
https://(www.)yourdomain.tld/wp-json/wp/v2/users/
Do you get a page with UserNames and IDs
add this near Rewritebase / in your .htaccess
Code:
RewriteCond %{REQUEST_URI} (wp-json|author)
RewriteRule ^(.*)$ https://www.yourdomain.tld [F,L]
The data leak also exists if the WordPress Toolkit and the
security check classify everything as "Safe".