Disable WP REST API

Hospedagem WordPress com plugin Disable WP REST API

Onde posso hospedar o plugin Disable WP REST API?

Este plugin pode ser hospedado em qualquer provedor que tenha WordPress instalado. Recomendamos fortemente optar por uma empresa de hospedagem seguro, com servidores otimizados para WordPress, como o serviço de hospedagem de sites da MCO2.

Hospedando o plugin Disable WP REST API em um provedor seguro

A MCO2, além de instalar o WordPress na versão mais atualizada para seus clientes, oferece o plugin WP SafePress, um mecanismo exclusivo que protege e aumenta a performance do seu site conjuntamente.

Por que a Hospedagem WordPress funciona melhor na MCO2?

A Hospedagem WordPress funciona melhor pois a MCO2 possui servidores otimizados para WordPress. A instalação de WordPress é diferente de uma instalação trivial, pois habilita imediatamente recursos como otimização de imagens, proteção da página de login, bloqueio de atividades suspeitas diretamente no firewall, cache avançado e HTTPS ativado por padrão. São plugins que potencializam seu WordPress para a máxima segurança e o máximo desempenho.

Does one thing: Completely disables the WordPress REST API for visitors who are not logged into WordPress. No configuration required.

Important: This plugin completely disables the WP REST API for visitors who are NOT logged in to WordPress. So not recommended if your site needs the WP REST API for any non-logged users.

👉 The fast, simple way to prevent abuse of your site’s REST/JSON API
👉 Protects your site’s REST data from all non-logged users and bots
👉 Uses only 4KB of code, so super lightweight, fast, and effective

Features

• Disable REST/JSON for visitors (not logged in)
• Disables REST header in HTTP response for all users
• Disables REST links in HTML head for all users
• 100% plug-and-play, set-it-and-forget solution

How does it work?

This plugin completely disables the WP REST API unless the user is logged into WordPress.

• For logged-in users, WP REST API works normally
• For logged-out users, WP REST API is disabled

What happens if logged-out visitor makes a JSON/REST request? They will get only a simple message:

rest_login_required: REST API restricted to authenticated users.

This message may customized via the filter hook, disable_wp_rest_api_error. Check out this post for an example of how to do it.

Privacy

This plugin does not collect or store any user data. It does not set any cookies, and it does not connect to any third-party locations. Thus, this plugin does not affect user privacy in any way. If anything it improves user privacy, as it protects potentially sensitive information from being displayed/accessed via REST API.

Disable WP REST API is developed and maintained by Jeff Starr, 15-year WordPress developer and book author.

Support development of this plugin

I develop and maintain this free plugin with love for the WordPress community. To show support, you can make a donation or purchase one of my books:

• The Tao of WordPress
• Digging into WordPress
• .htaccess made easy
• WordPress Themes In Depth
• Wizard’s SQL Recipes for WordPress

And/or purchase one of my premium WordPress plugins:

• BBQ Pro – Blazing fast WordPress firewall
• Blackhole Pro – Automatically block bad bots
• Banhammer Pro – Monitor traffic and ban the bad guys
• GA Google Analytics Pro – Connect WordPress to Google Analytics
• Head Meta Pro – Ultimate Meta Tags for WordPress
• Simple Ajax Chat Pro – Unlimited chat rooms
• USP Pro – Unlimited front-end forms

Links, tweets and likes also appreciated. Thank you! 🙂