I helped build a WordPress-site for a not-for-profit and they asked me to disable the author pages. Although I’m sure there are multiple plugin-based solutions, I ended up simply adding an author.php to my (child) theme with this in it;
<?php header("HTTP/1.1 301 Moved Permanently"); header("Location: /"); ?>
As author.php is used for all author pages (if available, else archive.php is used), every attempt to reach an author page will result in a permanent redirect being sent, effectively disabling the author archive. Keeping it simple stupid!
Or you can use WordPress SEO by Yoast, which has an option to disable and redirect author pages.
But a simple solution is nice, if you don’t want to use the reasonable SEO options to improve your blog.
I often prefer my own simple solutions. Knowing what’s under the hood and all 😉
And somehow I feel having author pages should be decided within the theme (or theme settings), not a plugin.
That’d be dope — unfortunately, as of Yoast 2.3.5 on my WordPress 4.3.1 install, the option is no longer there.
The option is still exist on Yoast. Go to “Titles & Metas”, press on “Archives”, then under “Duplicate content prevention” select the option “Disable the author archives”.
This will work out great for me as I do not want to use Yoast’s plugin. For one, it is in conflict with 3 plugins I already use (because of similar features) and two, I can not control the canonical on my site due to it. The site has an SSL certificate and loads with the https protocol but I want SE’s to index the non-https version of the site since I may may drop the SSL feature in the future and Yoast’s plugin keeps setting the canonical to the https so I had to drop it altogether.
Frank — good tip. I actually want to just generate a 404 page (the same one that’s already in my theme) so I used your approach of introducing author.php, but mine reads:
Nice tip, thanks!
hiding the author URL that well get you 404 error ? if it s indexed is that gonna hurt you rank ?
if yes how to show them
thanks
No, it’s a HTTP 301 response (moved), so not a 404 and hence it will not hurt your SEO/ rank.
Love this, thank you!
Simple and correct ! Thanks a lot !
Nice,
Thank you, What about these :-
Category based
Tag based
Date based (daily, monthly and yearly)
Have a look at this page on the wordpress codex Mohammed; https://developer.wordpress.org/themes/basics/template-hierarchy/ it should have all info you need 🙂
Another option for this that can keep all of your redirects in one place is to edit you htaccess file using regular expressions to cause pages to 301/302 redirect. (https://wpscholar.com/blog/simple-redirects-with-htaccess/)
really awesome. so glad i found this.
Researching different ways to do this. What would you think might be the best way to only block authors with certain user roles. I am looking to block the author page for all admins, but leave it open for authors of the blog, which might be userful, or when it is used as the profile for agents on a real estate page.
Thanks
You could copy archive.php but add the 2 header-lines from the original post if the user has “activate_plugins” capabilities?
Thanks, I was thinking about something like that. A lot of the sites I do don’t use “authors” at all and I never thought of just blocking this off on default for all mys sites. I noticed that there are author pages even generated for admins and this could expose email addresses, which is not a good thing. I almost think that WordPress should have a toggle on and toggle off built into the core as WordPress is being used for some many different types of sites these days.
Good idea, but whenever making redirects in WordPress it is best to use their wp_redirect() core function instead.
This may be slightly off topic, but this article came up high in my search results. If you have a domain.com/author/PageYouDontWant will doing this delete it and also prevent it from being automatically recreated?
As it’s a “301 Moved permanently” and not a “302 Moved temporarily”, one can expect search-engines to remove the old page, yes (see https://www.hochmanconsultants.com/301-vs-302-redirect/ for info on the differences).
Thanks for the reply! Reason I asked is in line with something JP mentioned higher up, why on earth would WP auto generate an author page for admin accounts, exposing sensitive info. Wonder if this is the cure all for it, as long as you do it soon enough while first setting up a new site.
Good question, no idea why that is done really. Do also take into account that the REST API by default allows anonymous access and has an endpoint to list authors as well (wp-json/wp/v2/users/). I use https://wordpress.org/plugins/disable-json-api/ for that purpose (and more).
Didn’t even realize that either, I’m extremely new to WP. Have you written an article on all your little tweaks like that to help secure a WordPress install?
Afraid I don’t have that documented (yet), no. There are plugins that offer extra security, but some of those can be pretty invasive too.
That’d be a pretty good article if you ever do get a change to write that up, bet it would be near the top of Google search results just like this one was for me.
Oh wow thank you Frankie G!
I have Yoast installed on my WP site but I really prefer this under-the-hood tweak. Tested it and it worked just as it said it would.
Thank you!
Simple effective and brilliant solution, many thanks.