SMNTCS Disable REST API User Endpoints

Description

With WordPress 4.7 the REST API is part of the core. At the moment everyone has read access to the REST API. As a result of that a potential intruder can retrieve a list of all user slugs via /wp-json/wp/v2/users. This plugin disables the REST API user endpoints to obscure the user slugs.

Installation

  1. Upload ‘smntcs-disable-rest-api-user-endpoints’ to the ‘/wp-content/plugins/’ directory
  2. Activate the plugin through the ‘Plugins’ menu in WordPress

Reviews

Perfect

Does what is says, and you really shoud use this on all your sites.

I just can’t imagine your woocommerce customers login names being exposed via the REST API. Though the REST API is an amazing feature

Kudos on this !!!

Read all 1 review

Contributors & Developers

“SMNTCS Disable REST API User Endpoints” is open source software. The following people have contributed to this plugin.

Contributors

Changelog

1.0

  • Initial release