By default, stupid Worldpress puts the user’s login in the author URL of each post. To remove this: in the child theme, in the file functions.php:
/**
* Remove author display name
* @param $display_name
* @return string
*/
function my_remove_author_display_name( $display_name ) {
if ( ! is_admin() ) {
return '';
}
return $display_name;
}
add_filter( 'the_author', 'my_remove_author_display_name' );
/**
* Adjust API endpoint availability to hide user info
*/
function my_api_endpoint_setup( $endpoints ) {
if ( isset( $endpoints['/wp/v2/users'] ) ) {
unset( $endpoints['/wp/v2/users'] );
}
if ( isset( $endpoints['/wp/v2/users/(?P<id>[\d]+)'] ) ) {
unset( $endpoints['/wp/v2/users/(?P<id>[\d]+)'] );
}
return $endpoints;
}
add_filter( 'rest_endpoints', 'my_api_endpoint_setup' );
The first piece knocks out the display; the second one takes the API ends out of the water.
If you don’t have a child theme or don’t know what it is, there’s a more kolhozny option – hide by css, for example:
span.author.vcard {
display: none;
}
span.meta-sep {
display: none;
}
It won’t save you from tough guys, but it might save the typical koolhacker.
Also note that some plugins light up the login too; this has to be checked individually.