Rating: 5 stars

What else can I say, this plugin does exactly what its supposed to do. It’s easy to understand and works perfectly. So well done!

Rating: 5 stars

The plugin does what it says on the tin, without being pretentious. Absolutely fantastic!

Rating: 5 stars

I always start my WordPress installations with this plugin (among a few other ones).

A must have on all sites.

Thank you.

Rating: 5 stars

The plugin still works for me on WordPress 6.2. It’s great to have the option to allow API access where I need it and block everything else.

Rating: 5 stars

Allows locking the WP API behind auth and selectively allowing it where needed. Despite the lack of plugin updates, the author does have an active github repo so don’t let that put you off.

Rating: 5 stars

Blocking the REST API entirely breaks plugins that require this functionality, so being able to selectively enable routes is perfect.

I recommend this plugin to everyone who uses Independent Analytics to secure their site while still enabling analytics to be recorded.

Rating: 5 stars

This is a very good plugin with the options, and it could still work now, but we can not verify compliance. Please update. And do not forget to update the .txt file that shows tested WordPress.

• This topic was modified 7 months ago by Hendrik57. Reason: New experiences
• This topic was modified 7 months ago by Hendrik57.

Rating: 1 star

I installed this but following install I couldn’t view any webpages.

The main page give exception

Notice: Trying to get property ‘name’ of non-object in /home/customer/www/XXXXXX/public_html/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php on line 60

I prompted renamed plugin folder using FTP in the folder wp-content\plugins\disable-json-api.disable so I could login then deleted it

Good idea but didn’t work for my site

• This topic was modified 1 year, 11 months ago by richardjwallace.

Rating: 5 stars

The title says all. It’s a great plug-in and easy to use. Thanks!

Rating: 5 stars

Great way to disable specific REST API endpoints. Simply a great plugin

Rating: 5 stars

Easily set/deny access for any endpoint per user role.

Rating: 5 stars

I reopened my dormant WordPress account just to post that this plugin just works. We went from multiple attempted logins to none after installing and activating it.

Just use it – you’ll be glad you did.

Rating: 5 stars

thanks, just add to check contact form 7 for non-user and it’s working !

Rating: 5 stars

The plugin does its job and has a simple interface

Rating: 5 stars

this plugin doesn’t work

Rating: 5 stars

Fixes what I consider to be a flaw in WP. API should be off by default. This plugin gets it done.

Rating: 5 stars

Funktioniert sehr gut – auch bei mir mit WordPress 5.5.1

Rating: 3 stars

The plugin uses a is_user_logged_in() check to grant access to disabled REST API endpoints. I run a membership site for one year and just realized it now, that any logged in visitor STILL HAVE ACCESS to any disabled REST API endpoints.

This should be very explicit, and there should be a setting in the plugin settings page to set the minimum role for the user to have access to the disabled endpoints.

Rating: 5 stars

A necessary plugin if you have a site for logged-in users.
Thanks for this plug-in!

Rating: 5 stars

The entire REST API is enabled by default, which is not ideal. This plugin makes it easy to disable it quickly, either completely or by route.

Rating: 5 stars

I needed to prevent content scrapping of my site by disabling WordPress routes but I needed to have all my other API routes open. The whitelisting feature works perfectly.

Rating: 5 stars

works good, no proprietary lockin or paywall

Rating: 5 stars

Does exactly what I want it to do. It disables the REST API completely for non-authenticated users.

Rating: 5 stars

Thank you!

Rating: 5 stars

Thanks for creating this plugin. It was a pleasure to acquire and install. Let’s hope the rest API evolves more safely in the upcoming releases.

Rating: 5 stars

Since the disable REST filter was so wisely disabled *sarcasm*, this plugin is a necessary tool. It’s unconscionable to provide a whole new huge attack surface with the REST API, provide a filter to disable it and then suddenly remove that filter. WTF. Millions of WP sites running 4.7 and 4.7.1 are now defaced because of hubris by the core developers. Years of work to improve WordPress’s reputation for insecurity undone by one irresponsible decision.

Rating: 5 stars

Install, activate and you’re done!

Works perfectly on all the calls I tested it with…

Rating: 5 stars

Works fine with 4.7.2. You can test your site before and after installation of this plugin using https://example.com/wp-json

You’ll know it works when you see the message:

{“code”:”rest_cannot_access”,”message”:”Only authenticated users can access the REST API.”,”data”:{“status”:401}}

Rating: 5 stars

Thanks for the effort, tried it and satisfied with the result.

Keep up the good work.

Rating: 5 stars

Thank you for this plugin!