Turn Off REST API

Prevents unauthorized requests from using the WP REST API.

Turn off JSON REST API on your website to anonymous users and prevent unauthorized requests from using the REST API to get information from your website.

Since the release of WordPress 4.0 came out, there have been a lot of hackers exploiting the vulnerabilities of the REST API. By installing this plugin, you will effectively prevent and disable the use of REST API from unauthorized users and protect the information on your website from being accessible. If someone tries to access the REST API on your site, the plugin will return an authentication error on the API endpoints, for any unauthorized users trying to access it.

While WordPress REST API vulnerability exploits continue this plugin effectively prevent and disable the used of REST API from accessing information from your website, this plugin return authentication error and disable all endpoints for any user not logged in on your website.

You may also send your donation to help & support us maintain free plugin
releases on the following crypto wallet addresses
bc1q097pndekk8pmh8rzrd55dz95wuplc4ndzq2auj Donate BTC bc1q097pndekk8pmh8rzrd55dz95wuplc4ndzq2auj bc1q097pndekk8pmh8rzrd55dz95wuplc4ndzq2auj
0x140a326464700dF97FECc6976DB1278271169DA0 Donate ETH 0x140a326464700dF97FECc6976DB1278271169DA0 0x140a326464700dF97FECc6976DB1278271169DA0
addr1q84sn6gjlps5gjjfc2p6a6h74yd4z0qjdn3vp5hthg470ukgh034l3n3grfcrg0vrtee7t2e2n6v94hruevhj5zzdwnqphglc6 Donate ADA addr1q84sn6gjlps5gjjfc2p6a6h74yd4z0qjdn3vp5hthg470ukgh034l3n3grfcrg0vrtee7t2e2n6v94hruevhj5zzdwnqphglc6 addr1q84sn6gjlps5gjjfc2p6a6h74yd4z0qjdn3vp5hthg470ukgh034l3n3grfcrg0vrtee7t2e2n6v94hruevhj5zzdwnqphglc6

Plugin Info
Requires at least: 4.7
Tested up to: 5.1
Stable tag: 1.0.4

Screenshots

Installation
1. Download the plugin via WordPress.org
2. Upload the `turn-off-rest-api` directory to the `/wp-content/plugins/` directory via FTP
3. Activate the plugin through the ‘Plugins’ menu in WordPress

Frequently Asked Questions
Q: How may I know if the plugin is working and my WP REST API is secured?
A: To test kindly log out and please go to http://[your_website_url].com/wp-json and check if REST API will return an error that reads ‘Only authenticated users are allowed an access on REST API’

Translations
* English (en_US)

Changelog
1.0.4
* New – Update license to GPLv3
* Tweak – Compatibility with WP 5+
* Tweak – Update language file
* Tweak – Minor improvements

1.0.3
* Tweak – Added en_US language file
* Tweak – Added license file
* Tweak – Minor code clean up

1.0.2
* Tweak – Added endpoints admin page
* Tweak – Minor improvements

1.0.1
* Tweak – Minor improvements
* Tweak – Optimized filter implementation

1.0.0
* Initial Release