Title: Security WP REST API – Web Scraping Last modified: August 14, 2018 --- # Security WP REST API – Web Scraping * [jfantasybooks](https://wordpress.org/support/users/jfantasybooks/) * (@jfantasybooks) * [7 years, 9 months ago](https://wordpress.org/support/topic/security-wp-rest-api-web-scraping/) * Hi there. * I was wondering if there is any security to prevent web scraping via the WP REST API. It seems you can grab any data you want, however you like. * And if so, any documentation that talks about setting up a secure connection between apps and the site? Like Credentials..etc. * Thanks. * J. Viewing 4 replies - 1 through 4 (of 4 total) * [Jacob Peattie](https://wordpress.org/support/users/jakept/) * (@jakept) * [7 years, 9 months ago](https://wordpress.org/support/topic/security-wp-rest-api-web-scraping/#post-10589140) * You can scrape data from the website from the HTML too, there’s nothing special about the API in that regard just because it’s JSON. * Thread Starter [jfantasybooks](https://wordpress.org/support/users/jfantasybooks/) * (@jfantasybooks) * [7 years, 9 months ago](https://wordpress.org/support/topic/security-wp-rest-api-web-scraping/#post-10591409) * I understand it’s possible to scrape from html. * But to scrape the rest api seems way too easy. Just need the link, and they can grab the content of any wordpress site. * What I want to know is if there is a way to control that. Limit access to the server itself or to specific apps. * And if currently not, is there a way to alter the url to a customized one, where possibly only someone very knowledgeable could find out. * Rule for anti-scraping or anything, really: There is no need to make it easy for those who steal our content, when there is an option to do otherwise. * Can anyone offer some useful advice please? * And please, if you’re not going to help, don’t respond. - This reply was modified 7 years, 9 months ago by [jfantasybooks](https://wordpress.org/support/users/jfantasybooks/). * [aCstudent](https://wordpress.org/support/users/acstudent/) * (@acstudent) * [7 years, 9 months ago](https://wordpress.org/support/topic/security-wp-rest-api-web-scraping/#post-10591462) * My understanding is that if your content is displayed to a user, it can be scraped. The CloudFlare free tier offers a feature called Scrape Shield that – in addition to email obfuscation and hotlink protection – will allow you to hide selected content from “suspicious visitors” using Server Side Excludes. * A different approach, only if you do not need or use Rest API except for logged- in users … [https://wordpress.org/plugins/disable-wp-rest-api/](https://wordpress.org/plugins/disable-wp-rest-api/) - This reply was modified 7 years, 9 months ago by [aCstudent](https://wordpress.org/support/users/acstudent/). Reason: added a different approach - This reply was modified 7 years, 9 months ago by [aCstudent](https://wordpress.org/support/users/acstudent/). * Thread Starter [jfantasybooks](https://wordpress.org/support/users/jfantasybooks/) * (@jfantasybooks) * [7 years, 9 months ago](https://wordpress.org/support/topic/security-wp-rest-api-web-scraping/#post-10600513) * Thanks for the reply. * Let’s forget about scraping. * What if I would like to use the Rest API that will utilize user data? * Is there a way to secure that info? Viewing 4 replies - 1 through 4 (of 4 total) The topic ‘Security WP REST API – Web Scraping’ is closed to new replies. ## Tags * [scraping](https://wordpress.org/support/topic-tag/scraping/) * [wp rest api](https://wordpress.org/support/topic-tag/wp-rest-api/) * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) * 4 replies * 3 participants * Last reply from: [jfantasybooks](https://wordpress.org/support/users/jfantasybooks/) * Last activity: [7 years, 9 months ago](https://wordpress.org/support/topic/security-wp-rest-api-web-scraping/#post-10600513) * Status: not resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics