Trying to protect my sites from brute force attacks where hackers have figured out how to get the user names of published and unpublished authors. By entering some site .com/?author=n, where n is a number that is incremented, the url will show the users login name and the tab will show the users full name. I can’t find any reference on how to exclude or remove specific classes from body_class();.
I am using the Wordfence security plugin and limiting login attempts. I’m afraid that a legitimate user can possibly be banned and not be able to login once their username is found.
Is there a function I can use to exclude or remove author and author_user_nicename from the body classes?