I’ve been investigating ways to stop people trying to brute-force my logins. While I do have Defender set up to block their IP after a few attempts, it would be useful to be able to hide the username altogether.
E.g., if someone goes to mysite?author=1 they are redirected to mysite/author/user_name
Would it be possible to introduce a feature to Defender where they were redirected to mysite/author/display_name instead? I realise this can be done with additional plugins… but it would, I think, be a useful addition to the security hardening Defender already does if it were added to the core package.