Block wp-json/wp/v2/users in cyberpanel

  • Resolved raha1988ab

    (@raha1988ab)


    1 year, 2 months ago

    Hi

    I’m using cyberpanel and installed the ALOWS in my wordpress

    I active many Items in the plugin , but I can cheek the wp-json/wp/v2/users in my stie and it should show me the error not list the user id

    1years a go you give me this code to block that via htaccess , but now it wont work…

    #AIOWPS_PINGBACK_HTACCESS_RULES_START
<Files xmlrpc.php>
order deny,allow
deny from all
</Files>
#AIOWPS_PINGBACK_HTACCESS_RULES_END
RewriteRule xmlrpc - [F,L]
# BEGIN block author scans
RewriteEngine On
RewriteBase /
RewriteCond %{QUERY_STRING} (author=\d+) [NC]
RewriteRule .* - [F]
# END block author scans
RewriteRule ^wp-json.*$ 404.html
<Files *.php>deny from all</Files>

    Would you please tell me how to block this json request to my wordpress?

    Thanks

    The page I need help with: [log in to see the link]

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support hjogiupdraftplus

    (@hjogiupdraftplus)

    1 year, 2 months ago

    Hi @raha1988ab

    Sorry for late reply.

    From the htaccess code you sent.. below line when calle wp-json/wp/v2/users should redirect to 404.html it is custom code not AIOS it should work if .htaccess still running. 

    RewriteRule ^wp-json.*$ 404.html

    Thread Starter raha1988ab

    (@raha1988ab)

    1 year, 2 months ago

    Hi

    Thanks for reply

    That code wont work

    If it’s not related to the security plugin , why when I install the wordfence , it block the wp-json ?

    Thanks

    Plugin Support hjogiupdraftplus

    (@hjogiupdraftplus)

    1 year, 2 months ago

    Hi @raha1988ab

    If that .htaccess code not blocking..

    Can you please cross check the AIOS plugin WP security > Miscellaneous > WP REST API the “Disallow unauthorized REST requests:” checked.

    For Wordfence I do not have more idea but might be they are blocking rest api by default.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Block wp-json/wp/v2/users in cyberpanel’ is closed to new replies.