On nginx installations I have that are not EE, I use the following to prevent username enumeration.
location / {
try_files $uri $uri/ /index.php?$args;
if ($args ~ "^/?author=([0-9]*)"){
set $rule_0 1$rule_0;
}
if ($rule_0 = "1"){
rewrite ^/$ http://domain.com/404 permanent;
}
}
It appears impossible (well, unwise anyway) to do in EE because location /
appears in various include files under nginx/common that are updated as EE is updated so the change would be overwritten. Any ideas where I might add?
Thank you!