Title: WP REST API Security Author: invisnet Published: မတ် 5၊ 2019 Last modified: ဩဂုတ် 12၊ 2019 --- Search plugins This plugin **hasn’t been tested with the latest 3 major releases of WordPress**. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress. ![](https://s.w.org/plugins/geopattern-icon/wp-rest-api-security.svg) # WP REST API Security By [invisnet](https://profiles.wordpress.org/invisnet/) [Download](https://downloads.wordpress.org/plugin/wp-rest-api-security.zip) * [Details](https://mya.wordpress.org/plugins/wp-rest-api-security/#description) * [Reviews](https://mya.wordpress.org/plugins/wp-rest-api-security/#reviews) * [Installation](https://mya.wordpress.org/plugins/wp-rest-api-security/#installation) * [Development](https://mya.wordpress.org/plugins/wp-rest-api-security/#developers) [Support](https://wordpress.org/support/plugin/wp-rest-api-security/) ## Description The REST API is essential for any modern web framework, but with it comes a huge attack surface. _WP REST API Security_ reduces the attack surface by disabling all the REST API endpoints by default, allowing you to enable only those actually needed. Those that are enabled require authentication by default, allowing you to choose which to make public. > **N.B.** If you are using the new Block Editor you must keep nearly all the endpoints > enabled for it to work, but none need be public. ## Installation 1. Install via the Plugin Directory, or upload to your plugins directory. 2. Activate the plugin through the ‘Plugins’ menu in WordPress. 3. Go to _Settings_ -> _WP REST API Security_ > **N.B.** Activating _WP REST API Security_ will disable all REST endpoints – you** > must** enable the ones you need. ## Reviews ![](https://secure.gravatar.com/avatar/345025fc3fcb9b613af3175f40c2c7cd692225038d2472a95b1dd75e49ca785d? s=60&d=retro&r=g) ### 󠀁[Great Plugin, just missing multisite support](https://wordpress.org/support/topic/great-plugin-bugs-though/)󠁿 [Larzans](https://profiles.wordpress.org/larzans/) ဖေ‌ဖော်ဝါရီ 6၊ 2020 This is a great plugin that gives you fine-grained control over your REST API, you can prevent public access but allow private access. This way you can disable all the gutenberg stuff for public use but are still able to use it for logged in users. It would be great to have multisite support too, so that you could protect the whole multisite from the configuration without having to apply the setting in each blog. [ Read all 1 review ](https://wordpress.org/support/plugin/wp-rest-api-security/reviews/) ## Contributors & Developers “WP REST API Security” is open source software. The following people have contributed to this plugin. Contributors * [ invisnet ](https://profiles.wordpress.org/invisnet/) [Translate “WP REST API Security” into your language.](https://translate.wordpress.org/projects/wp-plugins/wp-rest-api-security) ### Interested in development? [Browse the code](https://plugins.trac.wordpress.org/browser/wp-rest-api-security/), check out the [SVN repository](https://plugins.svn.wordpress.org/wp-rest-api-security/), or subscribe to the [development log](https://plugins.trac.wordpress.org/log/wp-rest-api-security/) by [RSS](https://plugins.trac.wordpress.org/log/wp-rest-api-security/?limit=100&mode=stop_on_copy&format=rss). ## Changelog #### 1.1.2 * Fix array error. #### 1.1.1 * Fix CSS leakage. * Fix array warning. #### 1.1.0 * Bugfix. * Use actions. #### 1.0.0 * Initial release. ## Meta * Version **1.1.2** * Last updated **7 နှစ် ago** * Active installations **10+** * WordPress version ** 4.9 or higher ** * Tested up to **5.1.22** * PHP version ** 7.0 or higher ** * Language * [English (US)](https://wordpress.org/plugins/wp-rest-api-security/) * Tags * [api](https://mya.wordpress.org/plugins/tags/api/)[rest](https://mya.wordpress.org/plugins/tags/rest/) [security](https://mya.wordpress.org/plugins/tags/security/) * [Advanced View](https://mya.wordpress.org/plugins/wp-rest-api-security/advanced/) ## Ratings 4 out of 5 stars. * [ 0 5-star reviews ](https://wordpress.org/support/plugin/wp-rest-api-security/reviews/?filter=5) * [ 1 4-star review ](https://wordpress.org/support/plugin/wp-rest-api-security/reviews/?filter=4) * [ 0 3-star reviews ](https://wordpress.org/support/plugin/wp-rest-api-security/reviews/?filter=3) * [ 0 2-star reviews ](https://wordpress.org/support/plugin/wp-rest-api-security/reviews/?filter=2) * [ 0 1-star reviews ](https://wordpress.org/support/plugin/wp-rest-api-security/reviews/?filter=1) [Your review](https://wordpress.org/support/plugin/wp-rest-api-security/reviews/#new-post) [See all reviews](https://wordpress.org/support/plugin/wp-rest-api-security/reviews/) ## Contributors * [ invisnet ](https://profiles.wordpress.org/invisnet/) ## Support Got something to say? Need help? [View support forum](https://wordpress.org/support/plugin/wp-rest-api-security/) ## Donate Would you like to support the advancement of this plugin? [ Donate to this plugin ](https://paypal.me/invisnet/)