Ban Non-Existent User

Ban log in attempts on Non-Existing Users

What It Does

This module ensures that login attempts with non-existent usernames are treated the same way as failed login attempts with valid usernames. This prevents username enumeration attacks where attackers try to discover valid usernames by attempting logins with different usernames.

When this module is active, if someone tries to log in with a username that doesn't exist, the system treats it the same as an incorrect password attempt. This prevents attackers from determining which usernames are valid on your website, making it much harder for them to target specific user accounts.

Why It Matters

Login attacks are one of the most common ways attackers try to gain access to WordPress websites.

By strengthening your login security, you significantly reduce the risk of unauthorized access to your website.

How to Use

Activate this module in the Users & Login section of SecuPress settings.

Once activated, the module works automatically and provides protection for your website.

If you encounter any issues after activation, you can temporarily deactivate the module. The module will automatically remove its protection rules when deactivated.