I noticed that when you click on the author’s name on wordpress that the url uses the user’s “slug” which makes me feel a bit iffy since there are a lot of hackers going about. So, I wondered how to avoid the “slug” on the url.

I was thinking at first if I could change the rewrite_rule but found if very difficult when trying to redirect the author template and then I found snippets by Jan Fabry while searching the internet for a solution.

It may be a few years old but it’s still better than nothing at all. I am currently using this function and hopefully, it’ll add some form of security and a piece of mind.

Changing the author URL:

add_filter( 'request', 'themename_author_request' );
function themename_author_request( $query_vars )
    if ( array_key_exists( 'author_name', $query_vars ) ) {
        global $wpdb;
        $author_id = $wpdb->get_var( $wpdb->prepare( "SELECT user_id FROM {$wpdb->usermeta} WHERE meta_key='nickname' AND meta_value = %s", $query_vars['author_name'] ) );
        if ( $author_id ) {
            $query_vars['author'] = $author_id;
            unset( $query_vars['author_name'] );    
    return $query_vars;

Hook into the author_link:

add_filter( 'author_link', 'themename_author_link', 10, 3 );
function themename_author_link( $link, $author_id, $author_nicename )
    $author_nickname = get_user_meta( $author_id, 'nickname', true );
    if ( $author_nickname ) {
        $link = str_replace( $author_nicename, $author_nickname, $link );
    return $link;

This site uses Akismet to reduce spam. Learn how your comment data is processed.