Title: WP REST API Security Author: invisnet Published: 2019 年 3 月 5 日 Last modified: 2019 年 8 月 12 日 --- 搜索插件 **该插件尚未通过WordPress的最新3个主要版本进行测试**。 当与较新版本的WordPress一起 使用时,可能不再受到维护或支持,并且可能会存在兼容性问题。 ![](https://s.w.org/plugins/geopattern-icon/wp-rest-api-security.svg) # WP REST API Security 作者:[invisnet](https://profiles.wordpress.org/invisnet/) [下载](https://downloads.wordpress.org/plugin/wp-rest-api-security.zip) * [详情](https://cn.wordpress.org/plugins/wp-rest-api-security/#description) * [评价](https://cn.wordpress.org/plugins/wp-rest-api-security/#reviews) * [安装](https://cn.wordpress.org/plugins/wp-rest-api-security/#installation) * [开发进展](https://cn.wordpress.org/plugins/wp-rest-api-security/#developers) [支持](https://wordpress.org/support/plugin/wp-rest-api-security/) ## 描述 The REST API is essential for any modern web framework, but with it comes a huge attack surface. _WP REST API Security_ reduces the attack surface by disabling all the REST API endpoints by default, allowing you to enable only those actually needed. Those that are enabled require authentication by default, allowing you to choose which to make public. > **N.B.** If you are using the new Block Editor you must keep nearly all the endpoints > enabled for it to work, but none need be public. ## 安装 1. Install via the Plugin Directory, or upload to your plugins directory. 2. Activate the plugin through the ‘Plugins’ menu in WordPress. 3. Go to _Settings_ -> _WP REST API Security_ > **N.B.** Activating _WP REST API Security_ will disable all REST endpoints – you** > must** enable the ones you need. ## 评价 ![](https://secure.gravatar.com/avatar/345025fc3fcb9b613af3175f40c2c7cd692225038d2472a95b1dd75e49ca785d? s=60&d=retro&r=g) ### 󠀁[Great Plugin, just missing multisite support](https://wordpress.org/support/topic/great-plugin-bugs-though/)󠁿 [Larzans](https://profiles.wordpress.org/larzans/) 2020 年 2 月 6 日 This is a great plugin that gives you fine-grained control over your REST API, you can prevent public access but allow private access. This way you can disable all the gutenberg stuff for public use but are still able to use it for logged in users. It would be great to have multisite support too, so that you could protect the whole multisite from the configuration without having to apply the setting in each blog. [ 阅读所有1条评价 ](https://wordpress.org/support/plugin/wp-rest-api-security/reviews/) ## 贡献者及开发者 「WP REST API Security」是开源软件。 以下人员对此插件做出了贡献。 贡献者 * [ invisnet ](https://profiles.wordpress.org/invisnet/) [帮助将「WP REST API Security」翻译成简体中文。](https://translate.wordpress.org/projects/wp-plugins/wp-rest-api-security) ### 对开发感兴趣吗? 您可以[浏览代码](https://plugins.trac.wordpress.org/browser/wp-rest-api-security/), 查看[SVN仓库](https://plugins.svn.wordpress.org/wp-rest-api-security/),或通过[RSS](https://plugins.trac.wordpress.org/log/wp-rest-api-security/?limit=100&mode=stop_on_copy&format=rss) 订阅[开发日志](https://plugins.trac.wordpress.org/log/wp-rest-api-security/)。 ## 更新日志 #### 1.1.2 * Fix array error. #### 1.1.1 * Fix CSS leakage. * Fix array warning. #### 1.1.0 * Bugfix. * Use actions. #### 1.0.0 * Initial release. ## 额外信息 * 版本 **1.1.2** * 最后更新:**7 年前** * 活跃安装数量 **10+** * WordPress 版本 ** 4.9 或更高版本 ** * 已测试的最高版本为 **5.1.22** * PHP 版本 ** 7.0 或更高版本 ** * 语言 * [English (US)](https://wordpress.org/plugins/wp-rest-api-security/) * 标签 * [api](https://cn.wordpress.org/plugins/tags/api/)[rest](https://cn.wordpress.org/plugins/tags/rest/) [security](https://cn.wordpress.org/plugins/tags/security/) * [高级视图](https://cn.wordpress.org/plugins/wp-rest-api-security/advanced/) ## 评级 4 星(最高 5 星)。 * [ 0 条 5 星评价 ](https://wordpress.org/support/plugin/wp-rest-api-security/reviews/?filter=5) * [ 1 条 4 星评价 ](https://wordpress.org/support/plugin/wp-rest-api-security/reviews/?filter=4) * [ 0 条 3 星评价 ](https://wordpress.org/support/plugin/wp-rest-api-security/reviews/?filter=3) * [ 0 条 2 星评价 ](https://wordpress.org/support/plugin/wp-rest-api-security/reviews/?filter=2) * [ 0 条 1 星评价 ](https://wordpress.org/support/plugin/wp-rest-api-security/reviews/?filter=1) [Your review](https://wordpress.org/support/plugin/wp-rest-api-security/reviews/#new-post) [查看全部评论](https://wordpress.org/support/plugin/wp-rest-api-security/reviews/) ## 贡献者 * [ invisnet ](https://profiles.wordpress.org/invisnet/) ## 支持 有话要说吗?是否需要帮助? [查看支持论坛](https://wordpress.org/support/plugin/wp-rest-api-security/) ## 捐助 您愿意支持这个插件的发展吗? [ 捐助此插件 ](https://paypal.me/invisnet/)