Locking down some endpoints?
-
It seems a bit of a security risk that the :users endpoint (/wp/v2/users) shows a public viewer the usernames of the site’s users.
This surely, is the same argument regarding why you should always change your default username away from ‘admin’? And makes a password hack attempt much easier.
Viewing 4 replies - 1 through 4 (of 4 total)
Viewing 4 replies - 1 through 4 (of 4 total)
- The topic ‘Locking down some endpoints?’ is closed to new replies.