WordPress Login Page Activity Log

User Enumeration Logs

Estimated reading: 2 minutes 394 views

Do you want to monitor when someone tries to discover usernames or user IDs on your WordPress site?

The AIO Login – User Enumeration Logs feature helps you track all such attempts, ensuring you stay informed whenever bots or unauthorized users try to access user-related information.

Quick Overview of User Enumeration Logs

When the User Enumeration Protection settings are enabled in AIO Login, any attempt to fetch usernames or user IDs—whether through REST API, sitemaps, comments, or embeds—is automatically recorded in the User Enumeration Logs.

These logs help you identify and block malicious users who try to perform enumeration attacks on your website.
Before enabling log recording, make sure you have activated User Enumeration Protection under AIO Login → Security → User Enumeration.
Learn more in the User Enumeration Protection Documentation.

View User Enumeration Logs in AIO Login

You can easily monitor enumeration activities from your Activity Logs section.

Follow these steps to access the logs
  • Navigate to AIO Login → Activity Logs from your WordPress dashboard.
  • Open the User Enumeration sub-tab.
  • Enable the toggle to activate log recording.
  • The log table will display all recent enumeration attempts and related details.
  • Click Save Changes to apply and store your settings.

Log Retention Settings

You can manage how long enumeration logs are stored in your system:

  • Default retention period: 3 days.
  • You can modify this setting by entering a custom number of days based on your site’s requirements.

After the specified duration, old logs are automatically deleted to maintain optimal performance.

Manage Enumeration Logs

Within the User Enumeration Logs, you can take quick actions directly from the log table:

  • Block User: Instantly block a user who attempted to enumerate your site’s usernames. Once blocked, the user will no longer be able to access sitemaps, author pages, or any endpoint that might reveal usernames and IDs.
  • Unblock User: Restore access for a previously blocked user when necessary. Even after unblocking, user names and IDs will continue to remain hidden as per your enumeration protection settings.

Why It Matters

User Enumeration Logs give administrators full visibility into potential reconnaissance attempts against their WordPress site.
By tracking, blocking, and managing suspicious activities, you can significantly reduce the risk of brute-force attacks and protect sensitive user information.

Leave a Reply

Your email address will not be published. Required fields are marked *

Share this Doc

User Enumeration Logs

Or copy link

CONTENTS

Powered By EazyDocs

Scroll to Top