SMNTCS Disable REST API User Endpoints

Description

With WordPress 4.7 the REST API is part of the core. At the moment everyone has read access to the REST API. As a result of that a potential intruder can retrieve a list of all user slugs via /wp-json/wp/v2/users. This plugin disables the REST API user endpoints to obscure the user slugs.

Contribute

Contributions are more than welcome. Simply head over to Github and open an issue or a pull request.

Installation

  1. Upload smntcs-disable-rest-api-user-endpoints to the /wp-content/plugins/ directory.
  2. Activate the plugin through the Plugins menu in WordPress.

Avis

10 mai 2021 1 reply
Great plugin, works as it should, a must for any Wordpress site.
6 avril 2017
Does what is says, and you really shoud use this on all your sites. I just can’t imagine your woocommerce customers login names being exposed via the REST API. Though the REST API is an amazing feature Kudos on this !!!
Lire les 2 avis

Contributeurs & développeurs

« SMNTCS Disable REST API User Endpoints » est un logiciel libre. Les personnes suivantes ont contribué à cette extension.

Contributeurs

“SMNTCS Disable REST API User Endpoints” a été traduit dans 4 locales. Remerciez l’équipe de traduction pour ses contributions.

Traduisez « SMNTCS Disable REST API User Endpoints » dans votre langue.

Le développement vous intéresse ?

Parcourir le code, consulter le SVN dépôt, ou s’inscrire au journal de développement par RSS.

Historique des changements

2.2 (2023.10.15)

  • Test up to WP 6.4
  • Convert code to OOP

2.1 (2023.03.11)

  • Test up to WP 6.2

2.0 (2022.12.03)

  • Test up to WP 6.1

1.9 (2022.06.09)

  • Test up to WP 6.0

1.8 (2021.12.31)

  • Test up to WP 5.8

1.7 (2021.05.01)

1.6 (2021.01.08)

  • Test up to WP 5.6

1.5 (2020.05.10)

1.4 (2020.05.10)

1.3 (2019.12.26)

1.2 (2019.04.05)

  • Refactor based on PHPCS and WPCS

1.1 (2019.02.20)

  • Test up to WP 5.1

1.0 (2018.03.27)

  • Initial release