The WordPress JSON REST API can be useful for developers building apps using WordPress. Other site owners may find it unusable – and it could also potentially expose your website to DDoS attacks that can be resource-intensive, hence slowing down the site.
The following code snippet will render the WordPress REST API disabled by returning an instance of WP_Error when it hits the authentication process,
Instructions
Add the this snippet to your functions.php
file
<?php
add_filter( 'rest_authentication_errors', 'wp_snippet_disable_rest_api' );
function wp_snippet_disable_rest_api( $access ) {
return new WP_Error( 'rest_disabled', __('The WordPress REST API has been disabled.'), array( 'status' => rest_authorization_required_code()));
}
?>
*Make sure to test that your site works as intended after disabling the WordPress JSON REST API.
Related links:
https://make.wordpress.org/core/features-as-plugins/
https://stackoverflow.com/questions/31518090/jetpack-json-rest-api-and-wp-api
Comments