描述
With WordPress 4.7 the REST API is part of the core. At the moment everyone has read access to the REST API. As a result of that a potential intruder can retrieve a list of all user slugs via /wp-json/wp/v2/users. This plugin disables the REST API user endpoints to obscure the user slugs.
Contribute
Contributions are more than welcome. Simply head over to Github and open an issue or a pull request.
安装
- Upload
smntcs-disable-rest-api-user-endpointsto the/wp-content/plugins/directory. - Activate the plugin through the
Pluginsmenu in WordPress.
评价
2021 年 5 月 10 日
1 回复
Great plugin, works as it should, a must for any Wordpress site.
2017 年 4 月 6 日
Does what is says, and you really shoud use this on all your sites.
I just can't imagine your woocommerce customers login names being exposed via the REST API. Though the REST API is an amazing feature
Kudos on this !!!
贡献者及开发者
更新日志
2.2 (2023.10.15)
- Test up to WP 6.4
- Convert code to OOP
2.1 (2023.03.11)
- Test up to WP 6.2
2.0 (2022.12.03)
- Test up to WP 6.1
1.9 (2022.06.09)
- Test up to WP 6.0
1.8 (2021.12.31)
- Test up to WP 5.8
1.7 (2021.05.01)
1.6 (2021.01.08)
- Test up to WP 5.6
1.5 (2020.05.10)
1.4 (2020.05.10)
- Update plugin header
- Test up to WP 5.4
1.3 (2019.12.26)
1.2 (2019.04.05)
- Refactor based on PHPCS and WPCS
1.1 (2019.02.20)
- Test up to WP 5.1
1.0 (2018.03.27)
- Initial release