2017 © Pedro Peláez
 

wordpress-plugin wp-secure-rest-api

A very simple mu plugin for WordPress that disallows access to REST endpoints for users that are not logged in.

image

carawebs/wp-secure-rest-api

A very simple mu plugin for WordPress that disallows access to REST endpoints for users that are not logged in.

  • Thursday, February 1, 2018
  • by DavidEgan
  • Repository
  • 1 Watchers
  • 0 Stars
  • 7 Installations
  • PHP
  • 0 Dependents
  • 0 Suggesters
  • 0 Forks
  • 0 Open issues
  • 3 Versions
  • 0 % Grown

The README.md

Secure WordPress REST API

A super-simple plugin that disallows access to REST endpoints for users that are not logged in., (*1)

Stops the REST API from being used to enumerate users., (*2)

Usage

  • Clone this repo to mu-plugins - you may need to create this directory in the designated WordPress content directory (wp-content in a standard install)
  • Make sure the file is loaded

If you're using Bedrock, the built in mu-plugins autoloader will take care of loading for you., (*3)

Check it's working: https://example.com/wp-json/wp/v2/users should return a 401 response if the user is not logged in., (*4)

Non Bedrock Loader

Add this line to a loader in the root mu-plugins directory:, (*5)

<?php
// path/mu-plugins/load.php
require WPMU_PLUGIN_DIR.'/secure-rest-api/secure-rest-api.php';

The Versions

01/02 2018

dev-master

9999999-dev

A very simple mu plugin for WordPress that disallows access to REST endpoints for users that are not logged in.

  Sources   Download

GPL2 GPL-2.0-only

by David Egan

23/05 2017

1.0.1

1.0.1.0

A very simple mu plugin for WordPress that disallows access to REST endpoints for users that are not logged in.

  Sources   Download

GPL2

by David Egan

23/05 2017

1.0.0

1.0.0.0

A very simple mu plugin for WordPress that disallows access to REST endpoints for users that are not logged in.

  Sources   Download

MIT

by David Egan